tools/security/dependency-check/dependency-check-report.html

<!DOCTYPE html>
<html>
    <head>
        <title>Dependency-Check Report</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="shortcut icon" href="data:;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAVLSURBVFhHvZdvbFRFEMB3913v9Vr+FKUNRdtrewg1lQgRE0gMYkJSowYMwcSPkGDwg8ZigMR+UYzGaIuAEj+R+IfE+EUlRL+QYAwhGBMqkFQDpO1xd/YPBaSU9u767r0dZ5a513vtXVsq8Zcsb3bu9c3szuzsIMU8iEaj5fhYJlzRYCkZ7Utd+wbnQL+Nd0TeoyeAPLFgf/oiyTNxXw6g4WUhTz4JEtaiNXLCEE8l3seHJjlzsOJHfLxMsgHE4cje9B6eTUPxc0ZoxbFHG1qVFq9rCRsKjc+KFG3oFGQ6Kw6xJsCsDqDxNZYWbWSYVUFAJFkyaA2XWAxiHIlcGPukYg1rDCVDQKsOadmqBaxllY8CuKHBuqOlHlNKufFk/GdUmxxoeqTpMbBg1dGXRlZtqHc2R8rgedIXgk4eqNyXMblS1AE2vhWNP84qAxl2hewno6wyFHOAZOLAc6PRbU+kd2OyrmbVPTg3pjlQzDgazGmh40rKMY3LZrVBCi/Tl0z+gqJxYGV9fWNOWC0kF3Jm1/C2pZWwk6cG2olpOcDb7hsHgLQGcUWAGs0bV1K7EuSQFbbOLKmuPkOvkZ64mkzG8bXz5BirDBuP1fzQP6I+5yl9eAS9vxjYAVz9esx0P2a0ck+73VKGPFaR8Vtpx7k0ODiYZlVJmpcvfzirwi1SyUWsMiF5ZXX6A1zJzsq9mRO+A7T1lO2BIyZVN/6bJZFWnQO4Wl1dnerq6sqRbq401TWtw9qxjGT6zhfbs3+0Hrw+THPfgVhdA8Xdz3j84RpIdZOngrY1kUgMOR3lG1kVREkHhBp3smJ4wdLmf+TuoJOxuroW3NI6zN6L9B1W33MAV1+FW99mNIgUclBaYtCPObjx3lTqT5KxqJyk52y4nv5u4f7stzzNY+Hww0ncS0JXBIoDWryRN07JVlVTc9Xo74OQpV7F6ndk5CO7iVVEwDihVqxYYVtKrOc5bckIgHJIpnhl3MxfpWIuJZyWAMdo0Io1AOXMJFI0hm3VzrOiYG2BmsLEAz0Zd9DWzZmyHd/tLt+bOUmDthuzun3C8dryjqCDdzF5tqcPRr40f1AElcvl6lgmJkC5d1kWYS8bZ3HOVL0z0TcKiz70tBjAML4opVgsoeB2nIJyXfeKJfRxGo52j4ds+xwWmN9t1/7t8sDALX7vvqjdd31cChgi40YhZdXUSyiPGkAjPalUL43+/v6/e3p6btC4PHB5XsZ9sMqxZJAWbGIxwJz6gfkAWl5jcUYUbU1+3D60uIp0PPwiNR/wZAW3HERRh5Sy4C3LEhdoiAn368b6xhdoxKLRVn5nXmDpfZZFg7J00f5QgRYJlkV5GWyJVnk2yRpUKBaLFZ6QOYMFaAdW0x08xcXDr5E9E8V3wAmFD7NseO3pMf8uh1xuJYuzQuGjMJreT4rJc4/XrvZk6aZ0yZ47WPkm47M55mxnET23IrW1tRU8DUBFBlf2faYzcptGuefETRix9+NXDNhLHJmpPTenAON1xMyQRbZevaV5ooanwrbsdSz6kPF8kaEz7o9CqOEAvPO59yuFccBR4a/MjGnfNDp5M2IzgQnpd8QB41NBoxRvarWyVrgRe77Ad4vhHzX6H41S8l2eitO9ZR+/+dNDZ3lqbsW+VN/52x12YxlY04xbZd5IqUSbCd8BSiLby13AlTWwSnx6tvKNY10LzCmhm7E3kTiFYqAp/a/4lZCSUYIX6Frffmb86K6nxqJknDoZVD1Q48S0ajc1FBTXU8mFzVs/G77OmgdK0XLLZ7nNnGHuXvmn/w9yYrwzUvIefzAI8S83C2sS1J4rmAAAAABJRU5ErkJggg==" />
        <script type="text/javascript">
            /*! jQuery v@1.8.0 jquery.com | jquery.org/license */
            (function(a,b){function G(a){var b=F[a]={};return p.each(a.split(s),function(a,c){b[c]=!0}),b}function J(a,c,d){if(d===b&&a.nodeType===1){var e="data-"+c.replace(I,"-$1").toLowerCase();d=a.getAttribute(e);if(typeof d=="string"){try{d=d==="true"?!0:d==="false"?!1:d==="null"?null:+d+""===d?+d:H.test(d)?p.parseJSON(d):d}catch(f){}p.data(a,c,d)}else d=b}return d}function K(a){var b;for(b in a){if(b==="data"&&p.isEmptyObject(a[b]))continue;if(b!=="toJSON")return!1}return!0}function ba(){return!1}function bb(){return!0}function bh(a){return!a||!a.parentNode||a.parentNode.nodeType===11}function bi(a,b){do a=a[b];while(a&&a.nodeType!==1);return a}function bj(a,b,c){b=b||0;if(p.isFunction(b))return p.grep(a,function(a,d){var e=!!b.call(a,d,a);return e===c});if(b.nodeType)return p.grep(a,function(a,d){return a===b===c});if(typeof b=="string"){var d=p.grep(a,function(a){return a.nodeType===1});if(be.test(b))return p.filter(b,d,!c);b=p.filter(b,d)}return p.grep(a,function(a,d){return p.inArray(a,b)>=0===c})}function bk(a){var b=bl.split("|"),c=a.createDocumentFragment();if(c.createElement)while(b.length)c.createElement(b.pop());return c}function bC(a,b){return a.getElementsByTagName(b)[0]||a.appendChild(a.ownerDocument.createElement(b))}function bD(a,b){if(b.nodeType!==1||!p.hasData(a))return;var c,d,e,f=p._data(a),g=p._data(b,f),h=f.events;if(h){delete g.handle,g.events={};for(c in h)for(d=0,e=h[c].length;d<e;d++)p.event.add(b,c,h[c][d])}g.data&&(g.data=p.extend({},g.data))}function bE(a,b){var c;if(b.nodeType!==1)return;b.clearAttributes&&b.clearAttributes(),b.mergeAttributes&&b.mergeAttributes(a),c=b.nodeName.toLowerCase(),c==="object"?(b.parentNode&&(b.outerHTML=a.outerHTML),p.support.html5Clone&&a.innerHTML&&!p.trim(b.innerHTML)&&(b.innerHTML=a.innerHTML)):c==="input"&&bv.test(a.type)?(b.defaultChecked=b.checked=a.checked,b.value!==a.value&&(b.value=a.value)):c==="option"?b.selected=a.defaultSelected:c==="input"||c==="textarea"?b.defaultValue=a.defaultValue:c==="script"&&b.text!==a.text&&(b.text=a.text),b.removeAttribute(p.expando)}function bF(a){return typeof a.getElementsByTagName!="undefined"?a.getElementsByTagName("*"):typeof a.querySelectorAll!="undefined"?a.querySelectorAll("*"):[]}function bG(a){bv.test(a.type)&&(a.defaultChecked=a.checked)}function bX(a,b){if(b in a)return b;var c=b.charAt(0).toUpperCase()+b.slice(1),d=b,e=bV.length;while(e--){b=bV[e]+c;if(b in a)return b}return d}function bY(a,b){return a=b||a,p.css(a,"display")==="none"||!p.contains(a.ownerDocument,a)}function bZ(a,b){var c,d,e=[],f=0,g=a.length;for(;f<g;f++){c=a[f];if(!c.style)continue;e[f]=p._data(c,"olddisplay"),b?(!e[f]&&c.style.display==="none"&&(c.style.display=""),c.style.display===""&&bY(c)&&(e[f]=p._data(c,"olddisplay",cb(c.nodeName)))):(d=bH(c,"display"),!e[f]&&d!=="none"&&p._data(c,"olddisplay",d))}for(f=0;f<g;f++){c=a[f];if(!c.style)continue;if(!b||c.style.display==="none"||c.style.display==="")c.style.display=b?e[f]||"":"none"}return a}function b$(a,b,c){var d=bO.exec(b);return d?Math.max(0,d[1]-(c||0))+(d[2]||"px"):b}function b_(a,b,c,d){var e=c===(d?"border":"content")?4:b==="width"?1:0,f=0;for(;e<4;e+=2)c==="margin"&&(f+=p.css(a,c+bU[e],!0)),d?(c==="content"&&(f-=parseFloat(bH(a,"padding"+bU[e]))||0),c!=="margin"&&(f-=parseFloat(bH(a,"border"+bU[e]+"Width"))||0)):(f+=parseFloat(bH(a,"padding"+bU[e]))||0,c!=="padding"&&(f+=parseFloat(bH(a,"border"+bU[e]+"Width"))||0));return f}function ca(a,b,c){var d=b==="width"?a.offsetWidth:a.offsetHeight,e=!0,f=p.support.boxSizing&&p.css(a,"boxSizing")==="border-box";if(d<=0){d=bH(a,b);if(d<0||d==null)d=a.style[b];if(bP.test(d))return d;e=f&&(p.support.boxSizingReliable||d===a.style[b]),d=parseFloat(d)||0}return d+b_(a,b,c||(f?"border":"content"),e)+"px"}function cb(a){if(bR[a])return bR[a];var b=p("<"+a+">").appendTo(e.body),c=b.css("display");b.remove();if(c==="none"||c===""){bI=e.body.appendChild(bI||p.extend(e.createElement("iframe"),{frameBorder:0,width:0,height:0}));if(!bJ||!bI.createElement)bJ=(bI.contentWindow||bI.contentDocument).document,bJ.write("<!doctype html><html><body>"),bJ.close();b=bJ.body.appendChild(bJ.createElement(a)),c=bH(b,"display"),e.body.removeChild(bI)}return bR[a]=c,c}function ch(a,b,c,d){var e;if(p.isArray(b))p.each(b,function(b,e){c||cd.test(a)?d(a,e):ch(a+"["+(typeof e=="object"?b:"")+"]",e,c,d)});else if(!c&&p.type(b)==="object")for(e in b)ch(a+"["+e+"]",b[e],c,d);else d(a,b)}function cy(a){return function(b,c){typeof b!="string"&&(c=b,b="*");var d,e,f,g=b.toLowerCase().split(s),h=0,i=g.length;if(p.isFunction(c))for(;h<i;h++)d=g[h],f=/^\+/.test(d),f&&(d=d.substr(1)||"*"),e=a[d]=a[d]||[],e[f?"unshift":"push"](c)}}function cz(a,c,d,e,f,g){f=f||c.dataTypes[0],g=g||{},g[f]=!0;var h,i=a[f],j=0,k=i?i.length:0,l=a===cu;for(;j<k&&(l||!h);j++)h=i[j](c,d,e),typeof h=="string"&&(!l||g[h]?h=b:(c.dataTypes.unshift(h),h=cz(a,c,d,e,h,g)));return(l||!h)&&!g["*"]&&(h=cz(a,c,d,e,"*",g)),h}function cA(a,c){var d,e,f=p.ajaxSettings.flatOptions||{};for(d in c)c[d]!==b&&((f[d]?a:e||(e={}))[d]=c[d]);e&&p.extend(!0,a,e)}function cB(a,c,d){var e,f,g,h,i=a.contents,j=a.dataTypes,k=a.responseFields;for(f in k)f in d&&(c[k[f]]=d[f]);while(j[0]==="*")j.shift(),e===b&&(e=a.mimeType||c.getResponseHeader("content-type"));if(e)for(f in i)if(i[f]&&i[f].test(e)){j.unshift(f);break}if(j[0]in d)g=j[0];else{for(f in d){if(!j[0]||a.converters[f+" "+j[0]]){g=f;break}h||(h=f)}g=g||h}if(g)return g!==j[0]&&j.unshift(g),d[g]}function cC(a,b){var c,d,e,f,g=a.dataTypes.slice(),h=g[0],i={},j=0;a.dataFilter&&(b=a.dataFilter(b,a.dataType));if(g[1])for(c in a.converters)i[c.toLowerCase()]=a.converters[c];for(;e=g[++j];)if(e!=="*"){if(h!=="*"&&h!==e){c=i[h+" "+e]||i["* "+e];if(!c)for(d in i){f=d.split(" ");if(f[1]===e){c=i[h+" "+f[0]]||i["* "+f[0]];if(c){c===!0?c=i[d]:i[d]!==!0&&(e=f[0],g.splice(j--,0,e));break}}}if(c!==!0)if(c&&a["throws"])b=c(b);else try{b=c(b)}catch(k){return{state:"parsererror",error:c?k:"No conversion from "+h+" to "+e}}}h=e}return{state:"success",data:b}}function cK(){try{return new a.XMLHttpRequest}catch(b){}}function cL(){try{return new a.ActiveXObject("Microsoft.XMLHTTP")}catch(b){}}function cT(){return setTimeout(function(){cM=b},0),cM=p.now()}function cU(a,b){p.each(b,function(b,c){var d=(cS[b]||[]).concat(cS["*"]),e=0,f=d.length;for(;e<f;e++)if(d[e].call(a,b,c))return})}function cV(a,b,c){var d,e=0,f=0,g=cR.length,h=p.Deferred().always(function(){delete i.elem}),i=function(){var b=cM||cT(),c=Math.max(0,j.startTime+j.duration-b),d=1-(c/j.duration||0),e=0,f=j.tweens.length;for(;e<f;e++)j.tweens[e].run(d);return h.notifyWith(a,[j,d,c]),d<1&&f?c:(h.resolveWith(a,[j]),!1)},j=h.promise({elem:a,props:p.extend({},b),opts:p.extend(!0,{specialEasing:{}},c),originalProperties:b,originalOptions:c,startTime:cM||cT(),duration:c.duration,tweens:[],createTween:function(b,c,d){var e=p.Tween(a,j.opts,b,c,j.opts.specialEasing[b]||j.opts.easing);return j.tweens.push(e),e},stop:function(b){var c=0,d=b?j.tweens.length:0;for(;c<d;c++)j.tweens[c].run(1);return b?h.resolveWith(a,[j,b]):h.rejectWith(a,[j,b]),this}}),k=j.props;cW(k,j.opts.specialEasing);for(;e<g;e++){d=cR[e].call(j,a,k,j.opts);if(d)return d}return cU(j,k),p.isFunction(j.opts.start)&&j.opts.start.call(a,j),p.fx.timer(p.extend(i,{anim:j,queue:j.opts.queue,elem:a})),j.progress(j.opts.progress).done(j.opts.done,j.opts.complete).fail(j.opts.fail).always(j.opts.always)}function cW(a,b){var c,d,e,f,g;for(c in a){d=p.camelCase(c),e=b[d],f=a[c],p.isArray(f)&&(e=f[1],f=a[c]=f[0]),c!==d&&(a[d]=f,delete a[c]),g=p.cssHooks[d];if(g&&"expand"in g){f=g.expand(f),delete a[d];for(c in f)c in a||(a[c]=f[c],b[c]=e)}else b[d]=e}}function cX(a,b,c){var d,e,f,g,h,i,j,k,l=this,m=a.style,n={},o=[],q=a.nodeType&&bY(a);c.queue||(j=p._queueHooks(a,"fx"),j.unqueued==null&&(j.unqueued=0,k=j.empty.fire,j.empty.fire=function(){j.unqueued||k()}),j.unqueued++,l.always(function(){l.always(function(){j.unqueued--,p.queue(a,"fx").length||j.empty.fire()})})),a.nodeType===1&&("height"in b||"width"in b)&&(c.overflow=[m.overflow,m.overflowX,m.overflowY],p.css(a,"display")==="inline"&&p.css(a,"float")==="none"&&(!p.support.inlineBlockNeedsLayout||cb(a.nodeName)==="inline"?m.display="inline-block":m.zoom=1)),c.overflow&&(m.overflow="hidden",p.support.shrinkWrapBlocks||l.done(function(){m.overflow=c.overflow[0],m.overflowX=c.overflow[1],m.overflowY=c.overflow[2]}));for(d in b){f=b[d];if(cO.exec(f)){delete b[d];if(f===(q?"hide":"show"))continue;o.push(d)}}g=o.length;if(g){h=p._data(a,"fxshow")||p._data(a,"fxshow",{}),q?p(a).show():l.done(function(){p(a).hide()}),l.done(function(){var b;p.removeData(a,"fxshow",!0);for(b in n)p.style(a,b,n[b])});for(d=0;d<g;d++)e=o[d],i=l.createTween(e,q?h[e]:0),n[e]=h[e]||p.style(a,e),e in h||(h[e]=i.start,q&&(i.end=i.start,i.start=e==="width"||e==="height"?1:0))}}function cY(a,b,c,d,e){return new cY.prototype.init(a,b,c,d,e)}function cZ(a,b){var c,d={height:a},e=0;for(;e<4;e+=2-b)c=bU[e],d["margin"+c]=d["padding"+c]=a;return b&&(d.opacity=d.width=a),d}function c_(a){return p.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}var c,d,e=a.document,f=a.location,g=a.navigator,h=a.jQuery,i=a.$,j=Array.prototype.push,k=Array.prototype.slice,l=Array.prototype.indexOf,m=Object.prototype.toString,n=Object.prototype.hasOwnProperty,o=String.prototype.trim,p=function(a,b){return new p.fn.init(a,b,c)},q=/[\-+]?(?:\d*\.|)\d+(?:[eE][\-+]?\d+|)/.source,r=/\S/,s=/\s+/,t=r.test(" ")?/^[\s\xA0]+|[\s\xA0]+$/g:/^\s+|\s+$/g,u=/^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/,v=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,w=/^[\],:{}\s]*$/,x=/(?:^|:|,)(?:\s*\[)+/g,y=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,z=/"[^"\\\r\n]*"|true|false|null|-?(?:\d\d*\.|)\d+(?:[eE][\-+]?\d+|)/g,A=/^-ms-/,B=/-([\da-z])/gi,C=function(a,b){return(b+"").toUpperCase()},D=function(){e.addEventListener?(e.removeEventListener("DOMContentLoaded",D,!1),p.ready()):e.readyState==="complete"&&(e.detachEvent("onreadystatechange",D),p.ready())},E={};p.fn=p.prototype={constructor:p,init:function(a,c,d){var f,g,h,i;if(!a)return this;if(a.nodeType)return this.context=this[0]=a,this.length=1,this;if(typeof a=="string"){a.charAt(0)==="<"&&a.charAt(a.length-1)===">"&&a.length>=3?f=[null,a,null]:f=u.exec(a);if(f&&(f[1]||!c)){if(f[1])return c=c instanceof p?c[0]:c,i=c&&c.nodeType?c.ownerDocument||c:e,a=p.parseHTML(f[1],i,!0),v.test(f[1])&&p.isPlainObject(c)&&this.attr.call(a,c,!0),p.merge(this,a);g=e.getElementById(f[2]);if(g&&g.parentNode){if(g.id!==f[2])return d.find(a);this.length=1,this[0]=g}return this.context=e,this.selector=a,this}return!c||c.jquery?(c||d).find(a):this.constructor(c).find(a)}return p.isFunction(a)?d.ready(a):(a.selector!==b&&(this.selector=a.selector,this.context=a.context),p.makeArray(a,this))},selector:"",jquery:"1.8.0",length:0,size:function(){return this.length},toArray:function(){return k.call(this)},get:function(a){return a==null?this.toArray():a<0?this[this.length+a]:this[a]},pushStack:function(a,b,c){var d=p.merge(this.constructor(),a);return d.prevObject=this,d.context=this.context,b==="find"?d.selector=this.selector+(this.selector?" ":"")+c:b&&(d.selector=this.selector+"."+b+"("+c+")"),d},each:function(a,b){return p.each(this,a,b)},ready:function(a){return p.ready.promise().done(a),this},eq:function(a){return a=+a,a===-1?this.slice(a):this.slice(a,a+1)},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},slice:function(){return this.pushStack(k.apply(this,arguments),"slice",k.call(arguments).join(","))},map:function(a){return this.pushStack(p.map(this,function(b,c){return a.call(b,c,b)}))},end:function(){return this.prevObject||this.constructor(null)},push:j,sort:[].sort,splice:[].splice},p.fn.init.prototype=p.fn,p.extend=p.fn.extend=function(){var a,c,d,e,f,g,h=arguments[0]||{},i=1,j=arguments.length,k=!1;typeof h=="boolean"&&(k=h,h=arguments[1]||{},i=2),typeof h!="object"&&!p.isFunction(h)&&(h={}),j===i&&(h=this,--i);for(;i<j;i++)if((a=arguments[i])!=null)for(c in a){d=h[c],e=a[c];if(h===e)continue;k&&e&&(p.isPlainObject(e)||(f=p.isArray(e)))?(f?(f=!1,g=d&&p.isArray(d)?d:[]):g=d&&p.isPlainObject(d)?d:{},h[c]=p.extend(k,g,e)):e!==b&&(h[c]=e)}return h},p.extend({noConflict:function(b){return a.$===p&&(a.$=i),b&&a.jQuery===p&&(a.jQuery=h),p},isReady:!1,readyWait:1,holdReady:function(a){a?p.readyWait++:p.ready(!0)},ready:function(a){if(a===!0?--p.readyWait:p.isReady)return;if(!e.body)return setTimeout(p.ready,1);p.isReady=!0;if(a!==!0&&--p.readyWait>0)return;d.resolveWith(e,[p]),p.fn.trigger&&p(e).trigger("ready").off("ready")},isFunction:function(a){return p.type(a)==="function"},isArray:Array.isArray||function(a){return p.type(a)==="array"},isWindow:function(a){return a!=null&&a==a.window},isNumeric:function(a){return!isNaN(parseFloat(a))&&isFinite(a)},type:function(a){return a==null?String(a):E[m.call(a)]||"object"},isPlainObject:function(a){if(!a||p.type(a)!=="object"||a.nodeType||p.isWindow(a))return!1;try{if(a.constructor&&!n.call(a,"constructor")&&!n.call(a.constructor.prototype,"isPrototypeOf"))return!1}catch(c){return!1}var d;for(d in a);return d===b||n.call(a,d)},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},error:function(a){throw new Error(a)},parseHTML:function(a,b,c){var d;return!a||typeof a!="string"?null:(typeof b=="boolean"&&(c=b,b=0),b=b||e,(d=v.exec(a))?[b.createElement(d[1])]:(d=p.buildFragment([a],b,c?null:[]),p.merge([],(d.cacheable?p.clone(d.fragment):d.fragment).childNodes)))},parseJSON:function(b){if(!b||typeof b!="string")return null;b=p.trim(b);if(a.JSON&&a.JSON.parse)return a.JSON.parse(b);if(w.test(b.replace(y,"@").replace(z,"]").replace(x,"")))return(new Function("return "+b))();p.error("Invalid JSON: "+b)},parseXML:function(c){var d,e;if(!c||typeof c!="string")return null;try{a.DOMParser?(e=new DOMParser,d=e.parseFromString(c,"text/xml")):(d=new ActiveXObject("Microsoft.XMLDOM"),d.async="false",d.loadXML(c))}catch(f){d=b}return(!d||!d.documentElement||d.getElementsByTagName("parsererror").length)&&p.error("Invalid XML: "+c),d},noop:function(){},globalEval:function(b){b&&r.test(b)&&(a.execScript||function(b){a.eval.call(a,b)})(b)},camelCase:function(a){return a.replace(A,"ms-").replace(B,C)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toUpperCase()===b.toUpperCase()},each:function(a,c,d){var e,f=0,g=a.length,h=g===b||p.isFunction(a);if(d){if(h){for(e in a)if(c.apply(a[e],d)===!1)break}else for(;f<g;)if(c.apply(a[f++],d)===!1)break}else if(h){for(e in a)if(c.call(a[e],e,a[e])===!1)break}else for(;f<g;)if(c.call(a[f],f,a[f++])===!1)break;return a},trim:o?function(a){return a==null?"":o.call(a)}:function(a){return a==null?"":a.toString().replace(t,"")},makeArray:function(a,b){var c,d=b||[];return a!=null&&(c=p.type(a),a.length==null||c==="string"||c==="function"||c==="regexp"||p.isWindow(a)?j.call(d,a):p.merge(d,a)),d},inArray:function(a,b,c){var d;if(b){if(l)return l.call(b,a,c);d=b.length,c=c?c<0?Math.max(0,d+c):c:0;for(;c<d;c++)if(c in b&&b[c]===a)return c}return-1},merge:function(a,c){var d=c.length,e=a.length,f=0;if(typeof d=="number")for(;f<d;f++)a[e++]=c[f];else while(c[f]!==b)a[e++]=c[f++];return a.length=e,a},grep:function(a,b,c){var d,e=[],f=0,g=a.length;c=!!c;for(;f<g;f++)d=!!b(a[f],f),c!==d&&e.push(a[f]);return e},map:function(a,c,d){var e,f,g=[],h=0,i=a.length,j=a instanceof p||i!==b&&typeof i=="number"&&(i>0&&a[0]&&a[i-1]||i===0||p.isArray(a));if(j)for(;h<i;h++)e=c(a[h],h,d),e!=null&&(g[g.length]=e);else for(f in a)e=c(a[f],f,d),e!=null&&(g[g.length]=e);return g.concat.apply([],g)},guid:1,proxy:function(a,c){var d,e,f;return typeof c=="string"&&(d=a[c],c=a,a=d),p.isFunction(a)?(e=k.call(arguments,2),f=function(){return a.apply(c,e.concat(k.call(arguments)))},f.guid=a.guid=a.guid||f.guid||p.guid++,f):b},access:function(a,c,d,e,f,g,h){var i,j=d==null,k=0,l=a.length;if(d&&typeof d=="object"){for(k in d)p.access(a,c,k,d[k],1,g,e);f=1}else if(e!==b){i=h===b&&p.isFunction(e),j&&(i?(i=c,c=function(a,b,c){return i.call(p(a),c)}):(c.call(a,e),c=null));if(c)for(;k<l;k++)c(a[k],d,i?e.call(a[k],k,c(a[k],d)):e,h);f=1}return f?a:j?c.call(a):l?c(a[0],d):g},now:function(){return(new Date).getTime()}}),p.ready.promise=function(b){if(!d){d=p.Deferred();if(e.readyState==="complete"||e.readyState!=="loading"&&e.addEventListener)setTimeout(p.ready,1);else if(e.addEventListener)e.addEventListener("DOMContentLoaded",D,!1),a.addEventListener("load",p.ready,!1);else{e.attachEvent("onreadystatechange",D),a.attachEvent("onload",p.ready);var c=!1;try{c=a.frameElement==null&&e.documentElement}catch(f){}c&&c.doScroll&&function g(){if(!p.isReady){try{c.doScroll("left")}catch(a){return setTimeout(g,50)}p.ready()}}()}}return d.promise(b)},p.each("Boolean Number String Function Array Date RegExp Object".split(" "),function(a,b){E["[object "+b+"]"]=b.toLowerCase()}),c=p(e);var F={};p.Callbacks=function(a){a=typeof a=="string"?F[a]||G(a):p.extend({},a);var c,d,e,f,g,h,i=[],j=!a.once&&[],k=function(b){c=a.memory&&b,d=!0,h=f||0,f=0,g=i.length,e=!0;for(;i&&h<g;h++)if(i[h].apply(b[0],b[1])===!1&&a.stopOnFalse){c=!1;break}e=!1,i&&(j?j.length&&k(j.shift()):c?i=[]:l.disable())},l={add:function(){if(i){var b=i.length;(function d(b){p.each(b,function(b,c){p.isFunction(c)&&(!a.unique||!l.has(c))?i.push(c):c&&c.length&&d(c)})})(arguments),e?g=i.length:c&&(f=b,k(c))}return this},remove:function(){return i&&p.each(arguments,function(a,b){var c;while((c=p.inArray(b,i,c))>-1)i.splice(c,1),e&&(c<=g&&g--,c<=h&&h--)}),this},has:function(a){return p.inArray(a,i)>-1},empty:function(){return i=[],this},disable:function(){return i=j=c=b,this},disabled:function(){return!i},lock:function(){return j=b,c||l.disable(),this},locked:function(){return!j},fireWith:function(a,b){return b=b||[],b=[a,b.slice?b.slice():b],i&&(!d||j)&&(e?j.push(b):k(b)),this},fire:function(){return l.fireWith(this,arguments),this},fired:function(){return!!d}};return l},p.extend({Deferred:function(a){var b=[["resolve","done",p.Callbacks("once memory"),"resolved"],["reject","fail",p.Callbacks("once memory"),"rejected"],["notify","progress",p.Callbacks("memory")]],c="pending",d={state:function(){return c},always:function(){return e.done(arguments).fail(arguments),this},then:function(){var a=arguments;return p.Deferred(function(c){p.each(b,function(b,d){var f=d[0],g=a[b];e[d[1]](p.isFunction(g)?function(){var a=g.apply(this,arguments);a&&p.isFunction(a.promise)?a.promise().done(c.resolve).fail(c.reject).progress(c.notify):c[f+"With"](this===e?c:this,[a])}:c[f])}),a=null}).promise()},promise:function(a){return typeof a=="object"?p.extend(a,d):d}},e={};return d.pipe=d.then,p.each(b,function(a,f){var g=f[2],h=f[3];d[f[1]]=g.add,h&&g.add(function(){c=h},b[a^1][2].disable,b[2][2].lock),e[f[0]]=g.fire,e[f[0]+"With"]=g.fireWith}),d.promise(e),a&&a.call(e,e),e},when:function(a){var b=0,c=k.call(arguments),d=c.length,e=d!==1||a&&p.isFunction(a.promise)?d:0,f=e===1?a:p.Deferred(),g=function(a,b,c){return function(d){b[a]=this,c[a]=arguments.length>1?k.call(arguments):d,c===h?f.notifyWith(b,c):--e||f.resolveWith(b,c)}},h,i,j;if(d>1){h=new Array(d),i=new Array(d),j=new Array(d);for(;b<d;b++)c[b]&&p.isFunction(c[b].promise)?c[b].promise().done(g(b,j,c)).fail(f.reject).progress(g(b,i,h)):--e}return e||f.resolveWith(j,c),f.promise()}}),p.support=function(){var b,c,d,f,g,h,i,j,k,l,m,n=e.createElement("div");n.setAttribute("className","t"),n.innerHTML="  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",c=n.getElementsByTagName("*"),d=n.getElementsByTagName("a")[0],d.style.cssText="top:1px;float:left;opacity:.5";if(!c||!c.length||!d)return{};f=e.createElement("select"),g=f.appendChild(e.createElement("option")),h=n.getElementsByTagName("input")[0],b={leadingWhitespace:n.firstChild.nodeType===3,tbody:!n.getElementsByTagName("tbody").length,htmlSerialize:!!n.getElementsByTagName("link").length,style:/top/.test(d.getAttribute("style")),hrefNormalized:d.getAttribute("href")==="/a",opacity:/^0.5/.test(d.style.opacity),cssFloat:!!d.style.cssFloat,checkOn:h.value==="on",optSelected:g.selected,getSetAttribute:n.className!=="t",enctype:!!e.createElement("form").enctype,html5Clone:e.createElement("nav").cloneNode(!0).outerHTML!=="<:nav></:nav>",boxModel:e.compatMode==="CSS1Compat",submitBubbles:!0,changeBubbles:!0,focusinBubbles:!1,deleteExpando:!0,noCloneEvent:!0,inlineBlockNeedsLayout:!1,shrinkWrapBlocks:!1,reliableMarginRight:!0,boxSizingReliable:!0,pixelPosition:!1},h.checked=!0,b.noCloneChecked=h.cloneNode(!0).checked,f.disabled=!0,b.optDisabled=!g.disabled;try{delete n.test}catch(o){b.deleteExpando=!1}!n.addEventListener&&n.attachEvent&&n.fireEvent&&(n.attachEvent("onclick",m=function(){b.noCloneEvent=!1}),n.cloneNode(!0).fireEvent("onclick"),n.detachEvent("onclick",m)),h=e.createElement("input"),h.value="t",h.setAttribute("type","radio"),b.radioValue=h.value==="t",h.setAttribute("checked","checked"),h.setAttribute("name","t"),n.appendChild(h),i=e.createDocumentFragment(),i.appendChild(n.lastChild),b.checkClone=i.cloneNode(!0).cloneNode(!0).lastChild.checked,b.appendChecked=h.checked,i.removeChild(h),i.appendChild(n);if(n.attachEvent)for(k in{submit:!0,change:!0,focusin:!0})j="on"+k,l=j in n,l||(n.setAttribute(j,"return;"),l=typeof n[j]=="function"),b[k+"Bubbles"]=l;return p(function(){var c,d,f,g,h="padding:0;margin:0;border:0;display:block;overflow:hidden;",i=e.getElementsByTagName("body")[0];if(!i)return;c=e.createElement("div"),c.style.cssText="visibility:hidden;border:0;width:0;height:0;position:static;top:0;margin-top:1px",i.insertBefore(c,i.firstChild),d=e.createElement("div"),c.appendChild(d),d.innerHTML="<table><tr><td></td><td>t</td></tr></table>",f=d.getElementsByTagName("td"),f[0].style.cssText="padding:0;margin:0;border:0;display:none",l=f[0].offsetHeight===0,f[0].style.display="",f[1].style.display="none",b.reliableHiddenOffsets=l&&f[0].offsetHeight===0,d.innerHTML="",d.style.cssText="box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;padding:1px;border:1px;display:block;width:4px;margin-top:1%;position:absolute;top:1%;",b.boxSizing=d.offsetWidth===4,b.doesNotIncludeMarginInBodyOffset=i.offsetTop!==1,a.getComputedStyle&&(b.pixelPosition=(a.getComputedStyle(d,null)||{}).top!=="1%",b.boxSizingReliable=(a.getComputedStyle(d,null)||{width:"4px"}).width==="4px",g=e.createElement("div"),g.style.cssText=d.style.cssText=h,g.style.marginRight=g.style.width="0",d.style.width="1px",d.appendChild(g),b.reliableMarginRight=!parseFloat((a.getComputedStyle(g,null)||{}).marginRight)),typeof d.style.zoom!="undefined"&&(d.innerHTML="",d.style.cssText=h+"width:1px;padding:1px;display:inline;zoom:1",b.inlineBlockNeedsLayout=d.offsetWidth===3,d.style.display="block",d.style.overflow="visible",d.innerHTML="<div></div>",d.firstChild.style.width="5px",b.shrinkWrapBlocks=d.offsetWidth!==3,c.style.zoom=1),i.removeChild(c),c=d=f=g=null}),i.removeChild(n),c=d=f=g=h=i=n=null,b}();var H=/^(?:\{.*\}|\[.*\])$/,I=/([A-Z])/g;p.extend({cache:{},deletedIds:[],uuid:0,expando:"jQuery"+(p.fn.jquery+Math.random()).replace(/\D/g,""),noData:{embed:!0,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000",applet:!0},hasData:function(a){return a=a.nodeType?p.cache[a[p.expando]]:a[p.expando],!!a&&!K(a)},data:function(a,c,d,e){if(!p.acceptData(a))return;var f,g,h=p.expando,i=typeof c=="string",j=a.nodeType,k=j?p.cache:a,l=j?a[h]:a[h]&&h;if((!l||!k[l]||!e&&!k[l].data)&&i&&d===b)return;l||(j?a[h]=l=p.deletedIds.pop()||++p.uuid:l=h),k[l]||(k[l]={},j||(k[l].toJSON=p.noop));if(typeof c=="object"||typeof c=="function")e?k[l]=p.extend(k[l],c):k[l].data=p.extend(k[l].data,c);return f=k[l],e||(f.data||(f.data={}),f=f.data),d!==b&&(f[p.camelCase(c)]=d),i?(g=f[c],g==null&&(g=f[p.camelCase(c)])):g=f,g},removeData:function(a,b,c){if(!p.acceptData(a))return;var d,e,f,g=a.nodeType,h=g?p.cache:a,i=g?a[p.expando]:p.expando;if(!h[i])return;if(b){d=c?h[i]:h[i].data;if(d){p.isArray(b)||(b in d?b=[b]:(b=p.camelCase(b),b in d?b=[b]:b=b.split(" ")));for(e=0,f=b.length;e<f;e++)delete d[b[e]];if(!(c?K:p.isEmptyObject)(d))return}}if(!c){delete h[i].data;if(!K(h[i]))return}g?p.cleanData([a],!0):p.support.deleteExpando||h!=h.window?delete h[i]:h[i]=null},_data:function(a,b,c){return p.data(a,b,c,!0)},acceptData:function(a){var b=a.nodeName&&p.noData[a.nodeName.toLowerCase()];return!b||b!==!0&&a.getAttribute("classid")===b}}),p.fn.extend({data:function(a,c){var d,e,f,g,h,i=this[0],j=0,k=null;if(a===b){if(this.length){k=p.data(i);if(i.nodeType===1&&!p._data(i,"parsedAttrs")){f=i.attributes;for(h=f.length;j<h;j++)g=f[j].name,g.indexOf("data-")===0&&(g=p.camelCase(g.substring(5)),J(i,g,k[g]));p._data(i,"parsedAttrs",!0)}}return k}return typeof a=="object"?this.each(function(){p.data(this,a)}):(d=a.split(".",2),d[1]=d[1]?"."+d[1]:"",e=d[1]+"!",p.access(this,function(c){if(c===b)return k=this.triggerHandler("getData"+e,[d[0]]),k===b&&i&&(k=p.data(i,a),k=J(i,a,k)),k===b&&d[1]?this.data(d[0]):k;d[1]=c,this.each(function(){var b=p(this);b.triggerHandler("setData"+e,d),p.data(this,a,c),b.triggerHandler("changeData"+e,d)})},null,c,arguments.length>1,null,!1))},removeData:function(a){return this.each(function(){p.removeData(this,a)})}}),p.extend({queue:function(a,b,c){var d;if(a)return b=(b||"fx")+"queue",d=p._data(a,b),c&&(!d||p.isArray(c)?d=p._data(a,b,p.makeArray(c)):d.push(c)),d||[]},dequeue:function(a,b){b=b||"fx";var c=p.queue(a,b),d=c.shift(),e=p._queueHooks(a,b),f=function(){p.dequeue(a,b)};d==="inprogress"&&(d=c.shift()),d&&(b==="fx"&&c.unshift("inprogress"),delete e.stop,d.call(a,f,e)),!c.length&&e&&e.empty.fire()},_queueHooks:function(a,b){var c=b+"queueHooks";return p._data(a,c)||p._data(a,c,{empty:p.Callbacks("once memory").add(function(){p.removeData(a,b+"queue",!0),p.removeData(a,c,!0)})})}}),p.fn.extend({queue:function(a,c){var d=2;return typeof a!="string"&&(c=a,a="fx",d--),arguments.length<d?p.queue(this[0],a):c===b?this:this.each(function(){var b=p.queue(this,a,c);p._queueHooks(this,a),a==="fx"&&b[0]!=="inprogress"&&p.dequeue(this,a)})},dequeue:function(a){return this.each(function(){p.dequeue(this,a)})},delay:function(a,b){return a=p.fx?p.fx.speeds[a]||a:a,b=b||"fx",this.queue(b,function(b,c){var d=setTimeout(b,a);c.stop=function(){clearTimeout(d)}})},clearQueue:function(a){return this.queue(a||"fx",[])},promise:function(a,c){var d,e=1,f=p.Deferred(),g=this,h=this.length,i=function(){--e||f.resolveWith(g,[g])};typeof a!="string"&&(c=a,a=b),a=a||"fx";while(h--)(d=p._data(g[h],a+"queueHooks"))&&d.empty&&(e++,d.empty.add(i));return i(),f.promise(c)}});var L,M,N,O=/[\t\r\n]/g,P=/\r/g,Q=/^(?:button|input)$/i,R=/^(?:button|input|object|select|textarea)$/i,S=/^a(?:rea|)$/i,T=/^(?:autofocus|autoplay|async|checked|controls|defer|disabled|hidden|loop|multiple|open|readonly|required|scoped|selected)$/i,U=p.support.getSetAttribute;p.fn.extend({attr:function(a,b){return p.access(this,p.attr,a,b,arguments.length>1)},removeAttr:function(a){return this.each(function(){p.removeAttr(this,a)})},prop:function(a,b){return p.access(this,p.prop,a,b,arguments.length>1)},removeProp:function(a){return a=p.propFix[a]||a,this.each(function(){try{this[a]=b,delete this[a]}catch(c){}})},addClass:function(a){var b,c,d,e,f,g,h;if(p.isFunction(a))return this.each(function(b){p(this).addClass(a.call(this,b,this.className))});if(a&&typeof a=="string"){b=a.split(s);for(c=0,d=this.length;c<d;c++){e=this[c];if(e.nodeType===1)if(!e.className&&b.length===1)e.className=a;else{f=" "+e.className+" ";for(g=0,h=b.length;g<h;g++)~f.indexOf(" "+b[g]+" ")||(f+=b[g]+" ");e.className=p.trim(f)}}}return this},removeClass:function(a){var c,d,e,f,g,h,i;if(p.isFunction(a))return this.each(function(b){p(this).removeClass(a.call(this,b,this.className))});if(a&&typeof a=="string"||a===b){c=(a||"").split(s);for(h=0,i=this.length;h<i;h++){e=this[h];if(e.nodeType===1&&e.className){d=(" "+e.className+" ").replace(O," ");for(f=0,g=c.length;f<g;f++)while(d.indexOf(" "+c[f]+" ")>-1)d=d.replace(" "+c[f]+" "," ");e.className=a?p.trim(d):""}}}return this},toggleClass:function(a,b){var c=typeof a,d=typeof b=="boolean";return p.isFunction(a)?this.each(function(c){p(this).toggleClass(a.call(this,c,this.className,b),b)}):this.each(function(){if(c==="string"){var e,f=0,g=p(this),h=b,i=a.split(s);while(e=i[f++])h=d?h:!g.hasClass(e),g[h?"addClass":"removeClass"](e)}else if(c==="undefined"||c==="boolean")this.className&&p._data(this,"__className__",this.className),this.className=this.className||a===!1?"":p._data(this,"__className__")||""})},hasClass:function(a){var b=" "+a+" ",c=0,d=this.length;for(;c<d;c++)if(this[c].nodeType===1&&(" "+this[c].className+" ").replace(O," ").indexOf(b)>-1)return!0;return!1},val:function(a){var c,d,e,f=this[0];if(!arguments.length){if(f)return c=p.valHooks[f.type]||p.valHooks[f.nodeName.toLowerCase()],c&&"get"in c&&(d=c.get(f,"value"))!==b?d:(d=f.value,typeof d=="string"?d.replace(P,""):d==null?"":d);return}return e=p.isFunction(a),this.each(function(d){var f,g=p(this);if(this.nodeType!==1)return;e?f=a.call(this,d,g.val()):f=a,f==null?f="":typeof f=="number"?f+="":p.isArray(f)&&(f=p.map(f,function(a){return a==null?"":a+""})),c=p.valHooks[this.type]||p.valHooks[this.nodeName.toLowerCase()];if(!c||!("set"in c)||c.set(this,f,"value")===b)this.value=f})}}),p.extend({valHooks:{option:{get:function(a){var b=a.attributes.value;return!b||b.specified?a.value:a.text}},select:{get:function(a){var b,c,d,e,f=a.selectedIndex,g=[],h=a.options,i=a.type==="select-one";if(f<0)return null;c=i?f:0,d=i?f+1:h.length;for(;c<d;c++){e=h[c];if(e.selected&&(p.support.optDisabled?!e.disabled:e.getAttribute("disabled")===null)&&(!e.parentNode.disabled||!p.nodeName(e.parentNode,"optgroup"))){b=p(e).val();if(i)return b;g.push(b)}}return i&&!g.length&&h.length?p(h[f]).val():g},set:function(a,b){var c=p.makeArray(b);return p(a).find("option").each(function(){this.selected=p.inArray(p(this).val(),c)>=0}),c.length||(a.selectedIndex=-1),c}}},attrFn:{},attr:function(a,c,d,e){var f,g,h,i=a.nodeType;if(!a||i===3||i===8||i===2)return;if(e&&p.isFunction(p.fn[c]))return p(a)[c](d);if(typeof a.getAttribute=="undefined")return p.prop(a,c,d);h=i!==1||!p.isXMLDoc(a),h&&(c=c.toLowerCase(),g=p.attrHooks[c]||(T.test(c)?M:L));if(d!==b){if(d===null){p.removeAttr(a,c);return}return g&&"set"in g&&h&&(f=g.set(a,d,c))!==b?f:(a.setAttribute(c,""+d),d)}return g&&"get"in g&&h&&(f=g.get(a,c))!==null?f:(f=a.getAttribute(c),f===null?b:f)},removeAttr:function(a,b){var c,d,e,f,g=0;if(b&&a.nodeType===1){d=b.split(s);for(;g<d.length;g++)e=d[g],e&&(c=p.propFix[e]||e,f=T.test(e),f||p.attr(a,e,""),a.removeAttribute(U?e:c),f&&c in a&&(a[c]=!1))}},attrHooks:{type:{set:function(a,b){if(Q.test(a.nodeName)&&a.parentNode)p.error("type property can't be changed");else if(!p.support.radioValue&&b==="radio"&&p.nodeName(a,"input")){var c=a.value;return a.setAttribute("type",b),c&&(a.value=c),b}}},value:{get:function(a,b){return L&&p.nodeName(a,"button")?L.get(a,b):b in a?a.value:null},set:function(a,b,c){if(L&&p.nodeName(a,"button"))return L.set(a,b,c);a.value=b}}},propFix:{tabindex:"tabIndex",readonly:"readOnly","for":"htmlFor","class":"className",maxlength:"maxLength",cellspacing:"cellSpacing",cellpadding:"cellPadding",rowspan:"rowSpan",colspan:"colSpan",usemap:"useMap",frameborder:"frameBorder",contenteditable:"contentEditable"},prop:function(a,c,d){var e,f,g,h=a.nodeType;if(!a||h===3||h===8||h===2)return;return g=h!==1||!p.isXMLDoc(a),g&&(c=p.propFix[c]||c,f=p.propHooks[c]),d!==b?f&&"set"in f&&(e=f.set(a,d,c))!==b?e:a[c]=d:f&&"get"in f&&(e=f.get(a,c))!==null?e:a[c]},propHooks:{tabIndex:{get:function(a){var c=a.getAttributeNode("tabindex");return c&&c.specified?parseInt(c.value,10):R.test(a.nodeName)||S.test(a.nodeName)&&a.href?0:b}}}}),M={get:function(a,c){var d,e=p.prop(a,c);return e===!0||typeof e!="boolean"&&(d=a.getAttributeNode(c))&&d.nodeValue!==!1?c.toLowerCase():b},set:function(a,b,c){var d;return b===!1?p.removeAttr(a,c):(d=p.propFix[c]||c,d in a&&(a[d]=!0),a.setAttribute(c,c.toLowerCase())),c}},U||(N={name:!0,id:!0,coords:!0},L=p.valHooks.button={get:function(a,c){var d;return d=a.getAttributeNode(c),d&&(N[c]?d.value!=="":d.specified)?d.value:b},set:function(a,b,c){var d=a.getAttributeNode(c);return d||(d=e.createAttribute(c),a.setAttributeNode(d)),d.value=b+""}},p.each(["width","height"],function(a,b){p.attrHooks[b]=p.extend(p.attrHooks[b],{set:function(a,c){if(c==="")return a.setAttribute(b,"auto"),c}})}),p.attrHooks.contenteditable={get:L.get,set:function(a,b,c){b===""&&(b="false"),L.set(a,b,c)}}),p.support.hrefNormalized||p.each(["href","src","width","height"],function(a,c){p.attrHooks[c]=p.extend(p.attrHooks[c],{get:function(a){var d=a.getAttribute(c,2);return d===null?b:d}})}),p.support.style||(p.attrHooks.style={get:function(a){return a.style.cssText.toLowerCase()||b},set:function(a,b){return a.style.cssText=""+b}}),p.support.optSelected||(p.propHooks.selected=p.extend(p.propHooks.selected,{get:function(a){var b=a.parentNode;return b&&(b.selectedIndex,b.parentNode&&b.parentNode.selectedIndex),null}})),p.support.enctype||(p.propFix.enctype="encoding"),p.support.checkOn||p.each(["radio","checkbox"],function(){p.valHooks[this]={get:function(a){return a.getAttribute("value")===null?"on":a.value}}}),p.each(["radio","checkbox"],function(){p.valHooks[this]=p.extend(p.valHooks[this],{set:function(a,b){if(p.isArray(b))return a.checked=p.inArray(p(a).val(),b)>=0}})});var V=/^(?:textarea|input|select)$/i,W=/^([^\.]*|)(?:\.(.+)|)$/,X=/(?:^|\s)hover(\.\S+|)\b/,Y=/^key/,Z=/^(?:mouse|contextmenu)|click/,$=/^(?:focusinfocus|focusoutblur)$/,_=function(a){return p.event.special.hover?a:a.replace(X,"mouseenter$1 mouseleave$1")};p.event={add:function(a,c,d,e,f){var g,h,i,j,k,l,m,n,o,q,r;if(a.nodeType===3||a.nodeType===8||!c||!d||!(g=p._data(a)))return;d.handler&&(o=d,d=o.handler,f=o.selector),d.guid||(d.guid=p.guid++),i=g.events,i||(g.events=i={}),h=g.handle,h||(g.handle=h=function(a){return typeof p!="undefined"&&(!a||p.event.triggered!==a.type)?p.event.dispatch.apply(h.elem,arguments):b},h.elem=a),c=p.trim(_(c)).split(" ");for(j=0;j<c.length;j++){k=W.exec(c[j])||[],l=k[1],m=(k[2]||"").split(".").sort(),r=p.event.special[l]||{},l=(f?r.delegateType:r.bindType)||l,r=p.event.special[l]||{},n=p.extend({type:l,origType:k[1],data:e,handler:d,guid:d.guid,selector:f,namespace:m.join(".")},o),q=i[l];if(!q){q=i[l]=[],q.delegateCount=0;if(!r.setup||r.setup.call(a,e,m,h)===!1)a.addEventListener?a.addEventListener(l,h,!1):a.attachEvent&&a.attachEvent("on"+l,h)}r.add&&(r.add.call(a,n),n.handler.guid||(n.handler.guid=d.guid)),f?q.splice(q.delegateCount++,0,n):q.push(n),p.event.global[l]=!0}a=null},global:{},remove:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,n,o,q,r=p.hasData(a)&&p._data(a);if(!r||!(m=r.events))return;b=p.trim(_(b||"")).split(" ");for(f=0;f<b.length;f++){g=W.exec(b[f])||[],h=i=g[1],j=g[2];if(!h){for(h in m)p.event.remove(a,h+b[f],c,d,!0);continue}n=p.event.special[h]||{},h=(d?n.delegateType:n.bindType)||h,o=m[h]||[],k=o.length,j=j?new RegExp("(^|\\.)"+j.split(".").sort().join("\\.(?:.*\\.|)")+"(\\.|$)"):null;for(l=0;l<o.length;l++)q=o[l],(e||i===q.origType)&&(!c||c.guid===q.guid)&&(!j||j.test(q.namespace))&&(!d||d===q.selector||d==="**"&&q.selector)&&(o.splice(l--,1),q.selector&&o.delegateCount--,n.remove&&n.remove.call(a,q));o.length===0&&k!==o.length&&((!n.teardown||n.teardown.call(a,j,r.handle)===!1)&&p.removeEvent(a,h,r.handle),delete m[h])}p.isEmptyObject(m)&&(delete r.handle,p.removeData(a,"events",!0))},customEvent:{getData:!0,setData:!0,changeData:!0},trigger:function(c,d,f,g){if(!f||f.nodeType!==3&&f.nodeType!==8){var h,i,j,k,l,m,n,o,q,r,s=c.type||c,t=[];if($.test(s+p.event.triggered))return;s.indexOf("!")>=0&&(s=s.slice(0,-1),i=!0),s.indexOf(".")>=0&&(t=s.split("."),s=t.shift(),t.sort());if((!f||p.event.customEvent[s])&&!p.event.global[s])return;c=typeof c=="object"?c[p.expando]?c:new p.Event(s,c):new p.Event(s),c.type=s,c.isTrigger=!0,c.exclusive=i,c.namespace=t.join("."),c.namespace_re=c.namespace?new RegExp("(^|\\.)"+t.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,m=s.indexOf(":")<0?"on"+s:"";if(!f){h=p.cache;for(j in h)h[j].events&&h[j].events[s]&&p.event.trigger(c,d,h[j].handle.elem,!0);return}c.result=b,c.target||(c.target=f),d=d!=null?p.makeArray(d):[],d.unshift(c),n=p.event.special[s]||{};if(n.trigger&&n.trigger.apply(f,d)===!1)return;q=[[f,n.bindType||s]];if(!g&&!n.noBubble&&!p.isWindow(f)){r=n.delegateType||s,k=$.test(r+s)?f:f.parentNode;for(l=f;k;k=k.parentNode)q.push([k,r]),l=k;l===(f.ownerDocument||e)&&q.push([l.defaultView||l.parentWindow||a,r])}for(j=0;j<q.length&&!c.isPropagationStopped();j++)k=q[j][0],c.type=q[j][1],o=(p._data(k,"events")||{})[c.type]&&p._data(k,"handle"),o&&o.apply(k,d),o=m&&k[m],o&&p.acceptData(k)&&o.apply(k,d)===!1&&c.preventDefault();return c.type=s,!g&&!c.isDefaultPrevented()&&(!n._default||n._default.apply(f.ownerDocument,d)===!1)&&(s!=="click"||!p.nodeName(f,"a"))&&p.acceptData(f)&&m&&f[s]&&(s!=="focus"&&s!=="blur"||c.target.offsetWidth!==0)&&!p.isWindow(f)&&(l=f[m],l&&(f[m]=null),p.event.triggered=s,f[s](),p.event.triggered=b,l&&(f[m]=l)),c.result}return},dispatch:function(c){c=p.event.fix(c||a.event);var d,e,f,g,h,i,j,k,l,m,n,o=(p._data(this,"events")||{})[c.type]||[],q=o.delegateCount,r=[].slice.call(arguments),s=!c.exclusive&&!c.namespace,t=p.event.special[c.type]||{},u=[];r[0]=c,c.delegateTarget=this;if(t.preDispatch&&t.preDispatch.call(this,c)===!1)return;if(q&&(!c.button||c.type!=="click")){g=p(this),g.context=this;for(f=c.target;f!=this;f=f.parentNode||this)if(f.disabled!==!0||c.type!=="click"){i={},k=[],g[0]=f;for(d=0;d<q;d++)l=o[d],m=l.selector,i[m]===b&&(i[m]=g.is(m)),i[m]&&k.push(l);k.length&&u.push({elem:f,matches:k})}}o.length>q&&u.push({elem:this,matches:o.slice(q)});for(d=0;d<u.length&&!c.isPropagationStopped();d++){j=u[d],c.currentTarget=j.elem;for(e=0;e<j.matches.length&&!c.isImmediatePropagationStopped();e++){l=j.matches[e];if(s||!c.namespace&&!l.namespace||c.namespace_re&&c.namespace_re.test(l.namespace))c.data=l.data,c.handleObj=l,h=((p.event.special[l.origType]||{}).handle||l.handler).apply(j.elem,r),h!==b&&(c.result=h,h===!1&&(c.preventDefault(),c.stopPropagation()))}}return t.postDispatch&&t.postDispatch.call(this,c),c.result},props:"attrChange attrName relatedNode srcElement altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(a,b){return a.which==null&&(a.which=b.charCode!=null?b.charCode:b.keyCode),a}},mouseHooks:{props:"button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(a,c){var d,f,g,h=c.button,i=c.fromElement;return a.pageX==null&&c.clientX!=null&&(d=a.target.ownerDocument||e,f=d.documentElement,g=d.body,a.pageX=c.clientX+(f&&f.scrollLeft||g&&g.scrollLeft||0)-(f&&f.clientLeft||g&&g.clientLeft||0),a.pageY=c.clientY+(f&&f.scrollTop||g&&g.scrollTop||0)-(f&&f.clientTop||g&&g.clientTop||0)),!a.relatedTarget&&i&&(a.relatedTarget=i===a.target?c.toElement:i),!a.which&&h!==b&&(a.which=h&1?1:h&2?3:h&4?2:0),a}},fix:function(a){if(a[p.expando])return a;var b,c,d=a,f=p.event.fixHooks[a.type]||{},g=f.props?this.props.concat(f.props):this.props;a=p.Event(d);for(b=g.length;b;)c=g[--b],a[c]=d[c];return a.target||(a.target=d.srcElement||e),a.target.nodeType===3&&(a.target=a.target.parentNode),a.metaKey=!!a.metaKey,f.filter?f.filter(a,d):a},special:{ready:{setup:p.bindReady},load:{noBubble:!0},focus:{delegateType:"focusin"},blur:{delegateType:"focusout"},beforeunload:{setup:function(a,b,c){p.isWindow(this)&&(this.onbeforeunload=c)},teardown:function(a,b){this.onbeforeunload===b&&(this.onbeforeunload=null)}}},simulate:function(a,b,c,d){var e=p.extend(new p.Event,c,{type:a,isSimulated:!0,originalEvent:{}});d?p.event.trigger(e,null,b):p.event.dispatch.call(b,e),e.isDefaultPrevented()&&c.preventDefault()}},p.event.handle=p.event.dispatch,p.removeEvent=e.removeEventListener?function(a,b,c){a.removeEventListener&&a.removeEventListener(b,c,!1)}:function(a,b,c){var d="on"+b;a.detachEvent&&(typeof a[d]=="undefined"&&(a[d]=null),a.detachEvent(d,c))},p.Event=function(a,b){if(this instanceof p.Event)a&&a.type?(this.originalEvent=a,this.type=a.type,this.isDefaultPrevented=a.defaultPrevented||a.returnValue===!1||a.getPreventDefault&&a.getPreventDefault()?bb:ba):this.type=a,b&&p.extend(this,b),this.timeStamp=a&&a.timeStamp||p.now(),this[p.expando]=!0;else return new p.Event(a,b)},p.Event.prototype={preventDefault:function(){this.isDefaultPrevented=bb;var a=this.originalEvent;if(!a)return;a.preventDefault?a.preventDefault():a.returnValue=!1},stopPropagation:function(){this.isPropagationStopped=bb;var a=this.originalEvent;if(!a)return;a.stopPropagation&&a.stopPropagation(),a.cancelBubble=!0},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=bb,this.stopPropagation()},isDefaultPrevented:ba,isPropagationStopped:ba,isImmediatePropagationStopped:ba},p.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(a,b){p.event.special[a]={delegateType:b,bindType:b,handle:function(a){var c,d=this,e=a.relatedTarget,f=a.handleObj,g=f.selector;if(!e||e!==d&&!p.contains(d,e))a.type=f.origType,c=f.handler.apply(this,arguments),a.type=b;return c}}}),p.support.submitBubbles||(p.event.special.submit={setup:function(){if(p.nodeName(this,"form"))return!1;p.event.add(this,"click._submit keypress._submit",function(a){var c=a.target,d=p.nodeName(c,"input")||p.nodeName(c,"button")?c.form:b;d&&!p._data(d,"_submit_attached")&&(p.event.add(d,"submit._submit",function(a){a._submit_bubble=!0}),p._data(d,"_submit_attached",!0))})},postDispatch:function(a){a._submit_bubble&&(delete a._submit_bubble,this.parentNode&&!a.isTrigger&&p.event.simulate("submit",this.parentNode,a,!0))},teardown:function(){if(p.nodeName(this,"form"))return!1;p.event.remove(this,"._submit")}}),p.support.changeBubbles||(p.event.special.change={setup:function(){if(V.test(this.nodeName)){if(this.type==="checkbox"||this.type==="radio")p.event.add(this,"propertychange._change",function(a){a.originalEvent.propertyName==="checked"&&(this._just_changed=!0)}),p.event.add(this,"click._change",function(a){this._just_changed&&!a.isTrigger&&(this._just_changed=!1),p.event.simulate("change",this,a,!0)});return!1}p.event.add(this,"beforeactivate._change",function(a){var b=a.target;V.test(b.nodeName)&&!p._data(b,"_change_attached")&&(p.event.add(b,"change._change",function(a){this.parentNode&&!a.isSimulated&&!a.isTrigger&&p.event.simulate("change",this.parentNode,a,!0)}),p._data(b,"_change_attached",!0))})},handle:function(a){var b=a.target;if(this!==b||a.isSimulated||a.isTrigger||b.type!=="radio"&&b.type!=="checkbox")return a.handleObj.handler.apply(this,arguments)},teardown:function(){return p.event.remove(this,"._change"),V.test(this.nodeName)}}),p.support.focusinBubbles||p.each({focus:"focusin",blur:"focusout"},function(a,b){var c=0,d=function(a){p.event.simulate(b,a.target,p.event.fix(a),!0)};p.event.special[b]={setup:function(){c++===0&&e.addEventListener(a,d,!0)},teardown:function(){--c===0&&e.removeEventListener(a,d,!0)}}}),p.fn.extend({on:function(a,c,d,e,f){var g,h;if(typeof a=="object"){typeof c!="string"&&(d=d||c,c=b);for(h in a)this.on(h,c,d,a[h],f);return this}d==null&&e==null?(e=c,d=c=b):e==null&&(typeof c=="string"?(e=d,d=b):(e=d,d=c,c=b));if(e===!1)e=ba;else if(!e)return this;return f===1&&(g=e,e=function(a){return p().off(a),g.apply(this,arguments)},e.guid=g.guid||(g.guid=p.guid++)),this.each(function(){p.event.add(this,a,e,d,c)})},one:function(a,b,c,d){return this.on(a,b,c,d,1)},off:function(a,c,d){var e,f;if(a&&a.preventDefault&&a.handleObj)return e=a.handleObj,p(a.delegateTarget).off(e.namespace?e.origType+"."+e.namespace:e.origType,e.selector,e.handler),this;if(typeof a=="object"){for(f in a)this.off(f,c,a[f]);return this}if(c===!1||typeof c=="function")d=c,c=b;return d===!1&&(d=ba),this.each(function(){p.event.remove(this,a,d,c)})},bind:function(a,b,c){return this.on(a,null,b,c)},unbind:function(a,b){return this.off(a,null,b)},live:function(a,b,c){return p(this.context).on(a,this.selector,b,c),this},die:function(a,b){return p(this.context).off(a,this.selector||"**",b),this},delegate:function(a,b,c,d){return this.on(b,a,c,d)},undelegate:function(a,b,c){return arguments.length==1?this.off(a,"**"):this.off(b,a||"**",c)},trigger:function(a,b){return this.each(function(){p.event.trigger(a,b,this)})},triggerHandler:function(a,b){if(this[0])return p.event.trigger(a,b,this[0],!0)},toggle:function(a){var b=arguments,c=a.guid||p.guid++,d=0,e=function(c){var e=(p._data(this,"lastToggle"+a.guid)||0)%d;return p._data(this,"lastToggle"+a.guid,e+1),c.preventDefault(),b[e].apply(this,arguments)||!1};e.guid=c;while(d<b.length)b[d++].guid=c;return this.click(e)},hover:function(a,b){return this.mouseenter(a).mouseleave(b||a)}}),p.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error contextmenu".split(" "),function(a,b){p.fn[b]=function(a,c){return c==null&&(c=a,a=null),arguments.length>0?this.on(b,null,a,c):this.trigger(b)},Y.test(b)&&(p.event.fixHooks[b]=p.event.keyHooks),Z.test(b)&&(p.event.fixHooks[b]=p.event.mouseHooks)}),function(a,b){function bd(a,b,c,d){var e=0,f=b.length;for(;e<f;e++)Z(a,b[e],c,d)}function be(a,b,c,d,e,f){var g,h=$.setFilters[b.toLowerCase()];return h||Z.error(b),(a||!(g=e))&&bd(a||"*",d,g=[],e),g.length>0?h(g,c,f):[]}function bf(a,c,d,e,f){var g,h,i,j,k,l,m,n,p=0,q=f.length,s=L.POS,t=new RegExp("^"+s.source+"(?!"+r+")","i"),u=function(){var a=1,c=arguments.length-2;for(;a<c;a++)arguments[a]===b&&(g[a]=b)};for(;p<q;p++){s.exec(""),a=f[p],j=[],i=0,k=e;while(g=s.exec(a)){n=s.lastIndex=g.index+g[0].length;if(n>i){m=a.slice(i,g.index),i=n,l=[c],B.test(m)&&(k&&(l=k),k=e);if(h=H.test(m))m=m.slice(0,-5).replace(B,"$&*");g.length>1&&g[0].replace(t,u),k=be(m,g[1],g[2],l,k,h)}}k?(j=j.concat(k),(m=a.slice(i))&&m!==")"?B.test(m)?bd(m,j,d,e):Z(m,c,d,e?e.concat(k):k):o.apply(d,j)):Z(a,c,d,e)}return q===1?d:Z.uniqueSort(d)}function bg(a,b,c){var d,e,f,g=[],i=0,j=D.exec(a),k=!j.pop()&&!j.pop(),l=k&&a.match(C)||[""],m=$.preFilter,n=$.filter,o=!c&&b!==h;for(;(e=l[i])!=null&&k;i++){g.push(d=[]),o&&(e=" "+e);while(e){k=!1;if(j=B.exec(e))e=e.slice(j[0].length),k=d.push({part:j.pop().replace(A," "),captures:j});for(f in n)(j=L[f].exec(e))&&(!m[f]||(j=m[f](j,b,c)))&&(e=e.slice(j.shift().length),k=d.push({part:f,captures:j}));if(!k)break}}return k||Z.error(a),g}function bh(a,b,e){var f=b.dir,g=m++;return a||(a=function(a){return a===e}),b.first?function(b,c){while(b=b[f])if(b.nodeType===1)return a(b,c)&&b}:function(b,e){var h,i=g+"."+d,j=i+"."+c;while(b=b[f])if(b.nodeType===1){if((h=b[q])===j)return b.sizset;if(typeof h=="string"&&h.indexOf(i)===0){if(b.sizset)return b}else{b[q]=j;if(a(b,e))return b.sizset=!0,b;b.sizset=!1}}}}function bi(a,b){return a?function(c,d){var e=b(c,d);return e&&a(e===!0?c:e,d)}:b}function bj(a,b,c){var d,e,f=0;for(;d=a[f];f++)$.relative[d.part]?e=bh(e,$.relative[d.part],b):(d.captures.push(b,c),e=bi(e,$.filter[d.part].apply(null,d.captures)));return e}function bk(a){return function(b,c){var d,e=0;for(;d=a[e];e++)if(d(b,c))return!0;return!1}}var c,d,e,f,g,h=a.document,i=h.documentElement,j="undefined",k=!1,l=!0,m=0,n=[].slice,o=[].push,q=("sizcache"+Math.random()).replace(".",""),r="[\\x20\\t\\r\\n\\f]",s="(?:\\\\.|[-\\w]|[^\\x00-\\xa0])+",t=s.replace("w","w#"),u="([*^$|!~]?=)",v="\\["+r+"*("+s+")"+r+"*(?:"+u+r+"*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|("+t+")|)|)"+r+"*\\]",w=":("+s+")(?:\\((?:(['\"])((?:\\\\.|[^\\\\])*?)\\2|((?:[^,]|\\\\,|(?:,(?=[^\\[]*\\]))|(?:,(?=[^\\(]*\\))))*))\\)|)",x=":(nth|eq|gt|lt|first|last|even|odd)(?:\\((\\d*)\\)|)(?=[^-]|$)",y=r+"*([\\x20\\t\\r\\n\\f>+~])"+r+"*",z="(?=[^\\x20\\t\\r\\n\\f])(?:\\\\.|"+v+"|"+w.replace(2,7)+"|[^\\\\(),])+",A=new RegExp("^"+r+"+|((?:^|[^\\\\])(?:\\\\.)*)"+r+"+$","g"),B=new RegExp("^"+y),C=new RegExp(z+"?(?="+r+"*,|$)","g"),D=new RegExp("^(?:(?!,)(?:(?:^|,)"+r+"*"+z+")*?|"+r+"*(.*?))(\\)|$)"),E=new RegExp(z.slice(19,-6)+"\\x20\\t\\r\\n\\f>+~])+|"+y,"g"),F=/^(?:#([\w\-]+)|(\w+)|\.([\w\-]+))$/,G=/[\x20\t\r\n\f]*[+~]/,H=/:not\($/,I=/h\d/i,J=/input|select|textarea|button/i,K=/\\(?!\\)/g,L={ID:new RegExp("^#("+s+")"),CLASS:new RegExp("^\\.("+s+")"),NAME:new RegExp("^\\[name=['\"]?("+s+")['\"]?\\]"),TAG:new RegExp("^("+s.replace("[-","[-\\*")+")"),ATTR:new RegExp("^"+v),PSEUDO:new RegExp("^"+w),CHILD:new RegExp("^:(only|nth|last|first)-child(?:\\("+r+"*(even|odd|(([+-]|)(\\d*)n|)"+r+"*(?:([+-]|)"+r+"*(\\d+)|))"+r+"*\\)|)","i"),POS:new RegExp(x,"ig"),needsContext:new RegExp("^"+r+"*[>+~]|"+x,"i")},M={},N=[],O={},P=[],Q=function(a){return a.sizzleFilter=!0,a},R=function(a){return function(b){return b.nodeName.toLowerCase()==="input"&&b.type===a}},S=function(a){return function(b){var c=b.nodeName.toLowerCase();return(c==="input"||c==="button")&&b.type===a}},T=function(a){var b=!1,c=h.createElement("div");try{b=a(c)}catch(d){}return c=null,b},U=T(function(a){a.innerHTML="<select></select>";var b=typeof a.lastChild.getAttribute("multiple");return b!=="boolean"&&b!=="string"}),V=T(function(a){a.id=q+0,a.innerHTML="<a name='"+q+"'></a><div name='"+q+"'></div>",i.insertBefore(a,i.firstChild);var b=h.getElementsByName&&h.getElementsByName(q).length===2+h.getElementsByName(q+0).length;return g=!h.getElementById(q),i.removeChild(a),b}),W=T(function(a){return a.appendChild(h.createComment("")),a.getElementsByTagName("*").length===0}),X=T(function(a){return a.innerHTML="<a href='#'></a>",a.firstChild&&typeof a.firstChild.getAttribute!==j&&a.firstChild.getAttribute("href")==="#"}),Y=T(function(a){return a.innerHTML="<div class='hidden e'></div><div class='hidden'></div>",!a.getElementsByClassName||a.getElementsByClassName("e").length===0?!1:(a.lastChild.className="e",a.getElementsByClassName("e").length!==1)}),Z=function(a,b,c,d){c=c||[],b=b||h;var e,f,g,i,j=b.nodeType;if(j!==1&&j!==9)return[];if(!a||typeof a!="string")return c;g=ba(b);if(!g&&!d)if(e=F.exec(a))if(i=e[1]){if(j===9){f=b.getElementById(i);if(!f||!f.parentNode)return c;if(f.id===i)return c.push(f),c}else if(b.ownerDocument&&(f=b.ownerDocument.getElementById(i))&&bb(b,f)&&f.id===i)return c.push(f),c}else{if(e[2])return o.apply(c,n.call(b.getElementsByTagName(a),0)),c;if((i=e[3])&&Y&&b.getElementsByClassName)return o.apply(c,n.call(b.getElementsByClassName(i),0)),c}return bm(a,b,c,d,g)},$=Z.selectors={cacheLength:50,match:L,order:["ID","TAG"],attrHandle:{},createPseudo:Q,find:{ID:g?function(a,b,c){if(typeof b.getElementById!==j&&!c){var d=b.getElementById(a);return d&&d.parentNode?[d]:[]}}:function(a,c,d){if(typeof c.getElementById!==j&&!d){var e=c.getElementById(a);return e?e.id===a||typeof e.getAttributeNode!==j&&e.getAttributeNode("id").value===a?[e]:b:[]}},TAG:W?function(a,b){if(typeof b.getElementsByTagName!==j)return b.getElementsByTagName(a)}:function(a,b){var c=b.getElementsByTagName(a);if(a==="*"){var d,e=[],f=0;for(;d=c[f];f++)d.nodeType===1&&e.push(d);return e}return c}},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(a){return a[1]=a[1].replace(K,""),a[3]=(a[4]||a[5]||"").replace(K,""),a[2]==="~="&&(a[3]=" "+a[3]+" "),a.slice(0,4)},CHILD:function(a){return a[1]=a[1].toLowerCase(),a[1]==="nth"?(a[2]||Z.error(a[0]),a[3]=+(a[3]?a[4]+(a[5]||1):2*(a[2]==="even"||a[2]==="odd")),a[4]=+(a[6]+a[7]||a[2]==="odd")):a[2]&&Z.error(a[0]),a},PSEUDO:function(a){var b,c=a[4];return L.CHILD.test(a[0])?null:(c&&(b=D.exec(c))&&b.pop()&&(a[0]=a[0].slice(0,b[0].length-c.length-1),c=b[0].slice(0,-1)),a.splice(2,3,c||a[3]),a)}},filter:{ID:g?function(a){return a=a.replace(K,""),function(b){return b.getAttribute("id")===a}}:function(a){return a=a.replace(K,""),function(b){var c=typeof b.getAttributeNode!==j&&b.getAttributeNode("id");return c&&c.value===a}},TAG:function(a){return a==="*"?function(){return!0}:(a=a.replace(K,"").toLowerCase(),function(b){return b.nodeName&&b.nodeName.toLowerCase()===a})},CLASS:function(a){var b=M[a];return b||(b=M[a]=new RegExp("(^|"+r+")"+a+"("+r+"|$)"),N.push(a),N.length>$.cacheLength&&delete M[N.shift()]),function(a){return b.test(a.className||typeof a.getAttribute!==j&&a.getAttribute("class")||"")}},ATTR:function(a,b,c){return b?function(d){var e=Z.attr(d,a),f=e+"";if(e==null)return b==="!=";switch(b){case"=":return f===c;case"!=":return f!==c;case"^=":return c&&f.indexOf(c)===0;case"*=":return c&&f.indexOf(c)>-1;case"$=":return c&&f.substr(f.length-c.length)===c;case"~=":return(" "+f+" ").indexOf(c)>-1;case"|=":return f===c||f.substr(0,c.length+1)===c+"-"}}:function(b){return Z.attr(b,a)!=null}},CHILD:function(a,b,c,d){if(a==="nth"){var e=m++;return function(a){var b,f,g=0,h=a;if(c===1&&d===0)return!0;b=a.parentNode;if(b&&(b[q]!==e||!a.sizset)){for(h=b.firstChild;h;h=h.nextSibling)if(h.nodeType===1){h.sizset=++g;if(h===a)break}b[q]=e}return f=a.sizset-d,c===0?f===0:f%c===0&&f/c>=0}}return function(b){var c=b;switch(a){case"only":case"first":while(c=c.previousSibling)if(c.nodeType===1)return!1;if(a==="first")return!0;c=b;case"last":while(c=c.nextSibling)if(c.nodeType===1)return!1;return!0}}},PSEUDO:function(a,b,c,d){var e=$.pseudos[a]||$.pseudos[a.toLowerCase()];return e||Z.error("unsupported pseudo: "+a),e.sizzleFilter?e(b,c,d):e}},pseudos:{not:Q(function(a,b,c){var d=bl(a.replace(A,"$1"),b,c);return function(a){return!d(a)}}),enabled:function(a){return a.disabled===!1},disabled:function(a){return a.disabled===!0},checked:function(a){var b=a.nodeName.toLowerCase();return b==="input"&&!!a.checked||b==="option"&&!!a.selected},selected:function(a){return a.parentNode&&a.parentNode.selectedIndex,a.selected===!0},parent:function(a){return!$.pseudos.empty(a)},empty:function(a){var b;a=a.firstChild;while(a){if(a.nodeName>"@"||(b=a.nodeType)===3||b===4)return!1;a=a.nextSibling}return!0},contains:Q(function(a){return function(b){return(b.textContent||b.innerText||bc(b)).indexOf(a)>-1}}),has:Q(function(a){return function(b){return Z(a,b).length>0}}),header:function(a){return I.test(a.nodeName)},text:function(a){var b,c;return a.nodeName.toLowerCase()==="input"&&(b=a.type)==="text"&&((c=a.getAttribute("type"))==null||c.toLowerCase()===b)},radio:R("radio"),checkbox:R("checkbox"),file:R("file"),password:R("password"),image:R("image"),submit:S("submit"),reset:S("reset"),button:function(a){var b=a.nodeName.toLowerCase();return b==="input"&&a.type==="button"||b==="button"},input:function(a){return J.test(a.nodeName)},focus:function(a){var b=a.ownerDocument;return a===b.activeElement&&(!b.hasFocus||b.hasFocus())&&(!!a.type||!!a.href)},active:function(a){return a===a.ownerDocument.activeElement}},setFilters:{first:function(a,b,c){return c?a.slice(1):[a[0]]},last:function(a,b,c){var d=a.pop();return c?a:[d]},even:function(a,b,c){var d=[],e=c?1:0,f=a.length;for(;e<f;e=e+2)d.push(a[e]);return d},odd:function(a,b,c){var d=[],e=c?0:1,f=a.length;for(;e<f;e=e+2)d.push(a[e]);return d},lt:function(a,b,c){return c?a.slice(+b):a.slice(0,+b)},gt:function(a,b,c){return c?a.slice(0,+b+1):a.slice(+b+1)},eq:function(a,b,c){var d=a.splice(+b,1);return c?a:d}}};$.setFilters.nth=$.setFilters.eq,$.filters=$.pseudos,X||($.attrHandle={href:function(a){return a.getAttribute("href",2)},type:function(a){return a.getAttribute("type")}}),V&&($.order.push("NAME"),$.find.NAME=function(a,b){if(typeof b.getElementsByName!==j)return b.getElementsByName(a)}),Y&&($.order.splice(1,0,"CLASS"),$.find.CLASS=function(a,b,c){if(typeof b.getElementsByClassName!==j&&!c)return b.getElementsByClassName(a)});try{n.call(i.childNodes,0)[0].nodeType}catch(_){n=function(a){var b,c=[];for(;b=this[a];a++)c.push(b);return c}}var ba=Z.isXML=function(a){var b=a&&(a.ownerDocument||a).documentElement;return b?b.nodeName!=="HTML":!1},bb=Z.contains=i.compareDocumentPosition?function(a,b){return!!(a.compareDocumentPosition(b)&16)}:i.contains?function(a,b){var c=a.nodeType===9?a.documentElement:a,d=b.parentNode;return a===d||!!(d&&d.nodeType===1&&c.contains&&c.contains(d))}:function(a,b){while(b=b.parentNode)if(b===a)return!0;return!1},bc=Z.getText=function(a){var b,c="",d=0,e=a.nodeType;if(e){if(e===1||e===9||e===11){if(typeof a.textContent=="string")return a.textContent;for(a=a.firstChild;a;a=a.nextSibling)c+=bc(a)}else if(e===3||e===4)return a.nodeValue}else for(;b=a[d];d++)c+=bc(b);return c};Z.attr=function(a,b){var c,d=ba(a);return d||(b=b.toLowerCase()),$.attrHandle[b]?$.attrHandle[b](a):U||d?a.getAttribute(b):(c=a.getAttributeNode(b),c?typeof a[b]=="boolean"?a[b]?b:null:c.specified?c.value:null:null)},Z.error=function(a){throw new Error("Syntax error, unrecognized expression: "+a)},[0,0].sort(function(){return l=0}),i.compareDocumentPosition?e=function(a,b){return a===b?(k=!0,0):(!a.compareDocumentPosition||!b.compareDocumentPosition?a.compareDocumentPosition:a.compareDocumentPosition(b)&4)?-1:1}:(e=function(a,b){if(a===b)return k=!0,0;if(a.sourceIndex&&b.sourceIndex)return a.sourceIndex-b.sourceIndex;var c,d,e=[],g=[],h=a.parentNode,i=b.parentNode,j=h;if(h===i)return f(a,b);if(!h)return-1;if(!i)return 1;while(j)e.unshift(j),j=j.parentNode;j=i;while(j)g.unshift(j),j=j.parentNode;c=e.length,d=g.length;for(var l=0;l<c&&l<d;l++)if(e[l]!==g[l])return f(e[l],g[l]);return l===c?f(a,g[l],-1):f(e[l],b,1)},f=function(a,b,c){if(a===b)return c;var d=a.nextSibling;while(d){if(d===b)return-1;d=d.nextSibling}return 1}),Z.uniqueSort=function(a){var b,c=1;if(e){k=l,a.sort(e);if(k)for(;b=a[c];c++)b===a[c-1]&&a.splice(c--,1)}return a};var bl=Z.compile=function(a,b,c){var d,e,f,g=O[a];if(g&&g.context===b)return g;e=bg(a,b,c);for(f=0;d=e[f];f++)e[f]=bj(d,b,c);return g=O[a]=bk(e),g.context=b,g.runs=g.dirruns=0,P.push(a),P.length>$.cacheLength&&delete O[P.shift()],g};Z.matches=function(a,b){return Z(a,null,null,b)},Z.matchesSelector=function(a,b){return Z(b,null,null,[a]).length>0};var bm=function(a,b,e,f,g){a=a.replace(A,"$1");var h,i,j,k,l,m,p,q,r,s=a.match(C),t=a.match(E),u=b.nodeType;if(L.POS.test(a))return bf(a,b,e,f,s);if(f)h=n.call(f,0);else if(s&&s.length===1){if(t.length>1&&u===9&&!g&&(s=L.ID.exec(t[0]))){b=$.find.ID(s[1],b,g)[0];if(!b)return e;a=a.slice(t.shift().length)}q=(s=G.exec(t[0]))&&!s.index&&b.parentNode||b,r=t.pop(),m=r.split(":not")[0];for(j=0,k=$.order.length;j<k;j++){p=$.order[j];if(s=L[p].exec(m)){h=$.find[p]((s[1]||"").replace(K,""),q,g);if(h==null)continue;m===r&&(a=a.slice(0,a.length-r.length)+m.replace(L[p],""),a||o.apply(e,n.call(h,0)));break}}}if(a){i=bl(a,b,g),d=i.dirruns++,h==null&&(h=$.find.TAG("*",G.test(a)&&b.parentNode||b));for(j=0;l=h[j];j++)c=i.runs++,i(l,b)&&e.push(l)}return e};h.querySelectorAll&&function(){var a,b=bm,c=/'|\\/g,d=/\=[\x20\t\r\n\f]*([^'"\]]*)[\x20\t\r\n\f]*\]/g,e=[],f=[":active"],g=i.matchesSelector||i.mozMatchesSelector||i.webkitMatchesSelector||i.oMatchesSelector||i.msMatchesSelector;T(function(a){a.innerHTML="<select><option selected></option></select>",a.querySelectorAll("[selected]").length||e.push("\\["+r+"*(?:checked|disabled|ismap|multiple|readonly|selected|value)"),a.querySelectorAll(":checked").length||e.push(":checked")}),T(function(a){a.innerHTML="<p test=''></p>",a.querySelectorAll("[test^='']").length&&e.push("[*^$]="+r+"*(?:\"\"|'')"),a.innerHTML="<input type='hidden'>",a.querySelectorAll(":enabled").length||e.push(":enabled",":disabled")}),e=e.length&&new RegExp(e.join("|")),bm=function(a,d,f,g,h){if(!g&&!h&&(!e||!e.test(a)))if(d.nodeType===9)try{return o.apply(f,n.call(d.querySelectorAll(a),0)),f}catch(i){}else if(d.nodeType===1&&d.nodeName.toLowerCase()!=="object"){var j=d.getAttribute("id"),k=j||q,l=G.test(a)&&d.parentNode||d;j?k=k.replace(c,"\\$&"):d.setAttribute("id",k);try{return o.apply(f,n.call(l.querySelectorAll(a.replace(C,"[id='"+k+"'] $&")),0)),f}catch(i){}finally{j||d.removeAttribute("id")}}return b(a,d,f,g,h)},g&&(T(function(b){a=g.call(b,"div");try{g.call(b,"[test!='']:sizzle"),f.push($.match.PSEUDO)}catch(c){}}),f=new RegExp(f.join("|")),Z.matchesSelector=function(b,c){c=c.replace(d,"='$1']");if(!ba(b)&&!f.test(c)&&(!e||!e.test(c)))try{var h=g.call(b,c);if(h||a||b.document&&b.document.nodeType!==11)return h}catch(i){}return Z(c,null,null,[b]).length>0})}(),Z.attr=p.attr,p.find=Z,p.expr=Z.selectors,p.expr[":"]=p.expr.pseudos,p.unique=Z.uniqueSort,p.text=Z.getText,p.isXMLDoc=Z.isXML,p.contains=Z.contains}(a);var bc=/Until$/,bd=/^(?:parents|prev(?:Until|All))/,be=/^.[^:#\[\.,]*$/,bf=p.expr.match.needsContext,bg={children:!0,contents:!0,next:!0,prev:!0};p.fn.extend({find:function(a){var b,c,d,e,f,g,h=this;if(typeof a!="string")return p(a).filter(function(){for(b=0,c=h.length;b<c;b++)if(p.contains(h[b],this))return!0});g=this.pushStack("","find",a);for(b=0,c=this.length;b<c;b++){d=g.length,p.find(a,this[b],g);if(b>0)for(e=d;e<g.length;e++)for(f=0;f<d;f++)if(g[f]===g[e]){g.splice(e--,1);break}}return g},has:function(a){var b,c=p(a,this),d=c.length;return this.filter(function(){for(b=0;b<d;b++)if(p.contains(this,c[b]))return!0})},not:function(a){return this.pushStack(bj(this,a,!1),"not",a)},filter:function(a){return this.pushStack(bj(this,a,!0),"filter",a)},is:function(a){return!!a&&(typeof a=="string"?bf.test(a)?p(a,this.context).index(this[0])>=0:p.filter(a,this).length>0:this.filter(a).length>0)},closest:function(a,b){var c,d=0,e=this.length,f=[],g=bf.test(a)||typeof a!="string"?p(a,b||this.context):0;for(;d<e;d++){c=this[d];while(c&&c.ownerDocument&&c!==b&&c.nodeType!==11){if(g?g.index(c)>-1:p.find.matchesSelector(c,a)){f.push(c);break}c=c.parentNode}}return f=f.length>1?p.unique(f):f,this.pushStack(f,"closest",a)},index:function(a){return a?typeof a=="string"?p.inArray(this[0],p(a)):p.inArray(a.jquery?a[0]:a,this):this[0]&&this[0].parentNode?this.prevAll().length:-1},add:function(a,b){var c=typeof a=="string"?p(a,b):p.makeArray(a&&a.nodeType?[a]:a),d=p.merge(this.get(),c);return this.pushStack(bh(c[0])||bh(d[0])?d:p.unique(d))},addBack:function(a){return this.add(a==null?this.prevObject:this.prevObject.filter(a))}}),p.fn.andSelf=p.fn.addBack,p.each({parent:function(a){var b=a.parentNode;return b&&b.nodeType!==11?b:null},parents:function(a){return p.dir(a,"parentNode")},parentsUntil:function(a,b,c){return p.dir(a,"parentNode",c)},next:function(a){return bi(a,"nextSibling")},prev:function(a){return bi(a,"previousSibling")},nextAll:function(a){return p.dir(a,"nextSibling")},prevAll:function(a){return p.dir(a,"previousSibling")},nextUntil:function(a,b,c){return p.dir(a,"nextSibling",c)},prevUntil:function(a,b,c){return p.dir(a,"previousSibling",c)},siblings:function(a){return p.sibling((a.parentNode||{}).firstChild,a)},children:function(a){return p.sibling(a.firstChild)},contents:function(a){return p.nodeName(a,"iframe")?a.contentDocument||a.contentWindow.document:p.merge([],a.childNodes)}},function(a,b){p.fn[a]=function(c,d){var e=p.map(this,b,c);return bc.test(a)||(d=c),d&&typeof d=="string"&&(e=p.filter(d,e)),e=this.length>1&&!bg[a]?p.unique(e):e,this.length>1&&bd.test(a)&&(e=e.reverse()),this.pushStack(e,a,k.call(arguments).join(","))}}),p.extend({filter:function(a,b,c){return c&&(a=":not("+a+")"),b.length===1?p.find.matchesSelector(b[0],a)?[b[0]]:[]:p.find.matches(a,b)},dir:function(a,c,d){var e=[],f=a[c];while(f&&f.nodeType!==9&&(d===b||f.nodeType!==1||!p(f).is(d)))f.nodeType===1&&e.push(f),f=f[c];return e},sibling:function(a,b){var c=[];for(;a;a=a.nextSibling)a.nodeType===1&&a!==b&&c.push(a);return c}});var bl="abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",bm=/ jQuery\d+="(?:null|\d+)"/g,bn=/^\s+/,bo=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,bp=/<([\w:]+)/,bq=/<tbody/i,br=/<|&#?\w+;/,bs=/<(?:script|style|link)/i,bt=/<(?:script|object|embed|option|style)/i,bu=new RegExp("<(?:"+bl+")[\\s/>]","i"),bv=/^(?:checkbox|radio)$/,bw=/checked\s*(?:[^=]|=\s*.checked.)/i,bx=/\/(java|ecma)script/i,by=/^\s*<!(?:\[CDATA\[|\-\-)|[\]\-]{2}>\s*$/g,bz={option:[1,"<select multiple='multiple'>","</select>"],legend:[1,"<fieldset>","</fieldset>"],thead:[1,"<table>","</table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],area:[1,"<map>","</map>"],_default:[0,"",""]},bA=bk(e),bB=bA.appendChild(e.createElement("div"));bz.optgroup=bz.option,bz.tbody=bz.tfoot=bz.colgroup=bz.caption=bz.thead,bz.th=bz.td,p.support.htmlSerialize||(bz._default=[1,"X<div>","</div>"]),p.fn.extend({text:function(a){return p.access(this,function(a){return a===b?p.text(this):this.empty().append((this[0]&&this[0].ownerDocument||e).createTextNode(a))},null,a,arguments.length)},wrapAll:function(a){if(p.isFunction(a))return this.each(function(b){p(this).wrapAll(a.call(this,b))});if(this[0]){var b=p(a,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&b.insertBefore(this[0]),b.map(function(){var a=this;while(a.firstChild&&a.firstChild.nodeType===1)a=a.firstChild;return a}).append(this)}return this},wrapInner:function(a){return p.isFunction(a)?this.each(function(b){p(this).wrapInner(a.call(this,b))}):this.each(function(){var b=p(this),c=b.contents();c.length?c.wrapAll(a):b.append(a)})},wrap:function(a){var b=p.isFunction(a);return this.each(function(c){p(this).wrapAll(b?a.call(this,c):a)})},unwrap:function(){return this.parent().each(function(){p.nodeName(this,"body")||p(this).replaceWith(this.childNodes)}).end()},append:function(){return this.domManip(arguments,!0,function(a){(this.nodeType===1||this.nodeType===11)&&this.appendChild(a)})},prepend:function(){return this.domManip(arguments,!0,function(a){(this.nodeType===1||this.nodeType===11)&&this.insertBefore(a,this.firstChild)})},before:function(){if(!bh(this[0]))return this.domManip(arguments,!1,function(a){this.parentNode.insertBefore(a,this)});if(arguments.length){var a=p.clean(arguments);return this.pushStack(p.merge(a,this),"before",this.selector)}},after:function(){if(!bh(this[0]))return this.domManip(arguments,!1,function(a){this.parentNode.insertBefore(a,this.nextSibling)});if(arguments.length){var a=p.clean(arguments);return this.pushStack(p.merge(this,a),"after",this.selector)}},remove:function(a,b){var c,d=0;for(;(c=this[d])!=null;d++)if(!a||p.filter(a,[c]).length)!b&&c.nodeType===1&&(p.cleanData(c.getElementsByTagName("*")),p.cleanData([c])),c.parentNode&&c.parentNode.removeChild(c);return this},empty:function(){var a,b=0;for(;(a=this[b])!=null;b++){a.nodeType===1&&p.cleanData(a.getElementsByTagName("*"));while(a.firstChild)a.removeChild(a.firstChild)}return this},clone:function(a,b){return a=a==null?!1:a,b=b==null?a:b,this.map(function(){return p.clone(this,a,b)})},html:function(a){return p.access(this,function(a){var c=this[0]||{},d=0,e=this.length;if(a===b)return c.nodeType===1?c.innerHTML.replace(bm,""):b;if(typeof a=="string"&&!bs.test(a)&&(p.support.htmlSerialize||!bu.test(a))&&(p.support.leadingWhitespace||!bn.test(a))&&!bz[(bp.exec(a)||["",""])[1].toLowerCase()]){a=a.replace(bo,"<$1></$2>");try{for(;d<e;d++)c=this[d]||{},c.nodeType===1&&(p.cleanData(c.getElementsByTagName("*")),c.innerHTML=a);c=0}catch(f){}}c&&this.empty().append(a)},null,a,arguments.length)},replaceWith:function(a){return bh(this[0])?this.length?this.pushStack(p(p.isFunction(a)?a():a),"replaceWith",a):this:p.isFunction(a)?this.each(function(b){var c=p(this),d=c.html();c.replaceWith(a.call(this,b,d))}):(typeof a!="string"&&(a=p(a).detach()),this.each(function(){var b=this.nextSibling,c=this.parentNode;p(this).remove(),b?p(b).before(a):p(c).append(a)}))},detach:function(a){return this.remove(a,!0)},domManip:function(a,c,d){a=[].concat.apply([],a);var e,f,g,h,i=0,j=a[0],k=[],l=this.length;if(!p.support.checkClone&&l>1&&typeof j=="string"&&bw.test(j))return this.each(function(){p(this).domManip(a,c,d)});if(p.isFunction(j))return this.each(function(e){var f=p(this);a[0]=j.call(this,e,c?f.html():b),f.domManip(a,c,d)});if(this[0]){e=p.buildFragment(a,this,k),g=e.fragment,f=g.firstChild,g.childNodes.length===1&&(g=f);if(f){c=c&&p.nodeName(f,"tr");for(h=e.cacheable||l-1;i<l;i++)d.call(c&&p.nodeName(this[i],"table")?bC(this[i],"tbody"):this[i],i===h?g:p.clone(g,!0,!0))}g=f=null,k.length&&p.each(k,function(a,b){b.src?p.ajax?p.ajax({url:b.src,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0}):p.error("no ajax"):p.globalEval((b.text||b.textContent||b.innerHTML||"").replace(by,"")),b.parentNode&&b.parentNode.removeChild(b)})}return this}}),p.buildFragment=function(a,c,d){var f,g,h,i=a[0];return c=c||e,c=(c[0]||c).ownerDocument||c[0]||c,typeof c.createDocumentFragment=="undefined"&&(c=e),a.length===1&&typeof i=="string"&&i.length<512&&c===e&&i.charAt(0)==="<"&&!bt.test(i)&&(p.support.checkClone||!bw.test(i))&&(p.support.html5Clone||!bu.test(i))&&(g=!0,f=p.fragments[i],h=f!==b),f||(f=c.createDocumentFragment(),p.clean(a,c,f,d),g&&(p.fragments[i]=h&&f)),{fragment:f,cacheable:g}},p.fragments={},p.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){p.fn[a]=function(c){var d,e=0,f=[],g=p(c),h=g.length,i=this.length===1&&this[0].parentNode;if((i==null||i&&i.nodeType===11&&i.childNodes.length===1)&&h===1)return g[b](this[0]),this;for(;e<h;e++)d=(e>0?this.clone(!0):this).get(),p(g[e])[b](d),f=f.concat(d);return this.pushStack(f,a,g.selector)}}),p.extend({clone:function(a,b,c){var d,e,f,g;p.support.html5Clone||p.isXMLDoc(a)||!bu.test("<"+a.nodeName+">")?g=a.cloneNode(!0):(bB.innerHTML=a.outerHTML,bB.removeChild(g=bB.firstChild));if((!p.support.noCloneEvent||!p.support.noCloneChecked)&&(a.nodeType===1||a.nodeType===11)&&!p.isXMLDoc(a)){bE(a,g),d=bF(a),e=bF(g);for(f=0;d[f];++f)e[f]&&bE(d[f],e[f])}if(b){bD(a,g);if(c){d=bF(a),e=bF(g);for(f=0;d[f];++f)bD(d[f],e[f])}}return d=e=null,g},clean:function(a,b,c,d){var f,g,h,i,j,k,l,m,n,o,q,r,s=0,t=[];if(!b||typeof b.createDocumentFragment=="undefined")b=e;for(g=b===e&&bA;(h=a[s])!=null;s++){typeof h=="number"&&(h+="");if(!h)continue;if(typeof h=="string")if(!br.test(h))h=b.createTextNode(h);else{g=g||bk(b),l=l||g.appendChild(b.createElement("div")),h=h.replace(bo,"<$1></$2>"),i=(bp.exec(h)||["",""])[1].toLowerCase(),j=bz[i]||bz._default,k=j[0],l.innerHTML=j[1]+h+j[2];while(k--)l=l.lastChild;if(!p.support.tbody){m=bq.test(h),n=i==="table"&&!m?l.firstChild&&l.firstChild.childNodes:j[1]==="<table>"&&!m?l.childNodes:[];for(f=n.length-1;f>=0;--f)p.nodeName(n[f],"tbody")&&!n[f].childNodes.length&&n[f].parentNode.removeChild(n[f])}!p.support.leadingWhitespace&&bn.test(h)&&l.insertBefore(b.createTextNode(bn.exec(h)[0]),l.firstChild),h=l.childNodes,l=g.lastChild}h.nodeType?t.push(h):t=p.merge(t,h)}l&&(g.removeChild(l),h=l=g=null);if(!p.support.appendChecked)for(s=0;(h=t[s])!=null;s++)p.nodeName(h,"input")?bG(h):typeof h.getElementsByTagName!="undefined"&&p.grep(h.getElementsByTagName("input"),bG);if(c){q=function(a){if(!a.type||bx.test(a.type))return d?d.push(a.parentNode?a.parentNode.removeChild(a):a):c.appendChild(a)};for(s=0;(h=t[s])!=null;s++)if(!p.nodeName(h,"script")||!q(h))c.appendChild(h),typeof h.getElementsByTagName!="undefined"&&(r=p.grep(p.merge([],h.getElementsByTagName("script")),q),t.splice.apply(t,[s+1,0].concat(r)),s+=r.length)}return t},cleanData:function(a,b){var c,d,e,f,g=0,h=p.expando,i=p.cache,j=p.support.deleteExpando,k=p.event.special;for(;(e=a[g])!=null;g++)if(b||p.acceptData(e)){d=e[h],c=d&&i[d];if(c){if(c.events)for(f in c.events)k[f]?p.event.remove(e,f):p.removeEvent(e,f,c.handle);i[d]&&(delete i[d],j?delete e[h]:e.removeAttribute?e.removeAttribute(h):e[h]=null,p.deletedIds.push(d))}}}}),function(){var a,b;p.uaMatch=function(a){a=a.toLowerCase();var b=/(chrome)[ \/]([\w.]+)/.exec(a)||/(webkit)[ \/]([\w.]+)/.exec(a)||/(opera)(?:.*version|)[ \/]([\w.]+)/.exec(a)||/(msie) ([\w.]+)/.exec(a)||a.indexOf("compatible")<0&&/(mozilla)(?:.*? rv:([\w.]+)|)/.exec(a)||[];return{browser:b[1]||"",version:b[2]||"0"}},a=p.uaMatch(g.userAgent),b={},a.browser&&(b[a.browser]=!0,b.version=a.version),b.webkit&&(b.safari=!0),p.browser=b,p.sub=function(){function a(b,c){return new a.fn.init(b,c)}p.extend(!0,a,this),a.superclass=this,a.fn=a.prototype=this(),a.fn.constructor=a,a.sub=this.sub,a.fn.init=function c(c,d){return d&&d instanceof p&&!(d instanceof a)&&(d=a(d)),p.fn.init.call(this,c,d,b)},a.fn.init.prototype=a.fn;var b=a(e);return a}}();var bH,bI,bJ,bK=/alpha\([^)]*\)/i,bL=/opacity=([^)]*)/,bM=/^(top|right|bottom|left)$/,bN=/^margin/,bO=new RegExp("^("+q+")(.*)$","i"),bP=new RegExp("^("+q+")(?!px)[a-z%]+$","i"),bQ=new RegExp("^([-+])=("+q+")","i"),bR={},bS={position:"absolute",visibility:"hidden",display:"block"},bT={letterSpacing:0,fontWeight:400,lineHeight:1},bU=["Top","Right","Bottom","Left"],bV=["Webkit","O","Moz","ms"],bW=p.fn.toggle;p.fn.extend({css:function(a,c){return p.access(this,function(a,c,d){return d!==b?p.style(a,c,d):p.css(a,c)},a,c,arguments.length>1)},show:function(){return bZ(this,!0)},hide:function(){return bZ(this)},toggle:function(a,b){var c=typeof a=="boolean";return p.isFunction(a)&&p.isFunction(b)?bW.apply(this,arguments):this.each(function(){(c?a:bY(this))?p(this).show():p(this).hide()})}}),p.extend({cssHooks:{opacity:{get:function(a,b){if(b){var c=bH(a,"opacity");return c===""?"1":c}}}},cssNumber:{fillOpacity:!0,fontWeight:!0,lineHeight:!0,opacity:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":p.support.cssFloat?"cssFloat":"styleFloat"},style:function(a,c,d,e){if(!a||a.nodeType===3||a.nodeType===8||!a.style)return;var f,g,h,i=p.camelCase(c),j=a.style;c=p.cssProps[i]||(p.cssProps[i]=bX(j,i)),h=p.cssHooks[c]||p.cssHooks[i];if(d===b)return h&&"get"in h&&(f=h.get(a,!1,e))!==b?f:j[c];g=typeof d,g==="string"&&(f=bQ.exec(d))&&(d=(f[1]+1)*f[2]+parseFloat(p.css(a,c)),g="number");if(d==null||g==="number"&&isNaN(d))return;g==="number"&&!p.cssNumber[i]&&(d+="px");if(!h||!("set"in h)||(d=h.set(a,d,e))!==b)try{j[c]=d}catch(k){}},css:function(a,c,d,e){var f,g,h,i=p.camelCase(c);return c=p.cssProps[i]||(p.cssProps[i]=bX(a.style,i)),h=p.cssHooks[c]||p.cssHooks[i],h&&"get"in h&&(f=h.get(a,!0,e)),f===b&&(f=bH(a,c)),f==="normal"&&c in bT&&(f=bT[c]),d||e!==b?(g=parseFloat(f),d||p.isNumeric(g)?g||0:f):f},swap:function(a,b,c){var d,e,f={};for(e in b)f[e]=a.style[e],a.style[e]=b[e];d=c.call(a);for(e in b)a.style[e]=f[e];return d}}),a.getComputedStyle?bH=function(a,b){var c,d,e,f,g=getComputedStyle(a,null),h=a.style;return g&&(c=g[b],c===""&&!p.contains(a.ownerDocument.documentElement,a)&&(c=p.style(a,b)),bP.test(c)&&bN.test(b)&&(d=h.width,e=h.minWidth,f=h.maxWidth,h.minWidth=h.maxWidth=h.width=c,c=g.width,h.width=d,h.minWidth=e,h.maxWidth=f)),c}:e.documentElement.currentStyle&&(bH=function(a,b){var c,d,e=a.currentStyle&&a.currentStyle[b],f=a.style;return e==null&&f&&f[b]&&(e=f[b]),bP.test(e)&&!bM.test(b)&&(c=f.left,d=a.runtimeStyle&&a.runtimeStyle.left,d&&(a.runtimeStyle.left=a.currentStyle.left),f.left=b==="fontSize"?"1em":e,e=f.pixelLeft+"px",f.left=c,d&&(a.runtimeStyle.left=d)),e===""?"auto":e}),p.each(["height","width"],function(a,b){p.cssHooks[b]={get:function(a,c,d){if(c)return a.offsetWidth!==0||bH(a,"display")!=="none"?ca(a,b,d):p.swap(a,bS,function(){return ca(a,b,d)})},set:function(a,c,d){return b$(a,c,d?b_(a,b,d,p.support.boxSizing&&p.css(a,"boxSizing")==="border-box"):0)}}}),p.support.opacity||(p.cssHooks.opacity={get:function(a,b){return bL.test((b&&a.currentStyle?a.currentStyle.filter:a.style.filter)||"")?.01*parseFloat(RegExp.$1)+"":b?"1":""},set:function(a,b){var c=a.style,d=a.currentStyle,e=p.isNumeric(b)?"alpha(opacity="+b*100+")":"",f=d&&d.filter||c.filter||"";c.zoom=1;if(b>=1&&p.trim(f.replace(bK,""))===""&&c.removeAttribute){c.removeAttribute("filter");if(d&&!d.filter)return}c.filter=bK.test(f)?f.replace(bK,e):f+" "+e}}),p(function(){p.support.reliableMarginRight||(p.cssHooks.marginRight={get:function(a,b){return p.swap(a,{display:"inline-block"},function(){if(b)return bH(a,"marginRight")})}}),!p.support.pixelPosition&&p.fn.position&&p.each(["top","left"],function(a,b){p.cssHooks[b]={get:function(a,c){if(c){var d=bH(a,b);return bP.test(d)?p(a).position()[b]+"px":d}}}})}),p.expr&&p.expr.filters&&(p.expr.filters.hidden=function(a){return a.offsetWidth===0&&a.offsetHeight===0||!p.support.reliableHiddenOffsets&&(a.style&&a.style.display||bH(a,"display"))==="none"},p.expr.filters.visible=function(a){return!p.expr.filters.hidden(a)}),p.each({margin:"",padding:"",border:"Width"},function(a,b){p.cssHooks[a+b]={expand:function(c){var d,e=typeof c=="string"?c.split(" "):[c],f={};for(d=0;d<4;d++)f[a+bU[d]+b]=e[d]||e[d-2]||e[0];return f}},bN.test(a)||(p.cssHooks[a+b].set=b$)});var cc=/%20/g,cd=/\[\]$/,ce=/\r?\n/g,cf=/^(?:color|date|datetime|datetime-local|email|hidden|month|number|password|range|search|tel|text|time|url|week)$/i,cg=/^(?:select|textarea)/i;p.fn.extend({serialize:function(){return p.param(this.serializeArray())},serializeArray:function(){return this.map(function(){return this.elements?p.makeArray(this.elements):this}).filter(function(){return this.name&&!this.disabled&&(this.checked||cg.test(this.nodeName)||cf.test(this.type))}).map(function(a,b){var c=p(this).val();return c==null?null:p.isArray(c)?p.map(c,function(a,c){return{name:b.name,value:a.replace(ce,"\r\n")}}):{name:b.name,value:c.replace(ce,"\r\n")}}).get()}}),p.param=function(a,c){var d,e=[],f=function(a,b){b=p.isFunction(b)?b():b==null?"":b,e[e.length]=encodeURIComponent(a)+"="+encodeURIComponent(b)};c===b&&(c=p.ajaxSettings&&p.ajaxSettings.traditional);if(p.isArray(a)||a.jquery&&!p.isPlainObject(a))p.each(a,function(){f(this.name,this.value)});else for(d in a)ch(d,a[d],c,f);return e.join("&").replace(cc,"+")};var ci,cj,ck=/#.*$/,cl=/^(.*?):[ \t]*([^\r\n]*)\r?$/mg,cm=/^(?:about|app|app\-storage|.+\-extension|file|res|widget):$/,cn=/^(?:GET|HEAD)$/,co=/^\/\//,cp=/\?/,cq=/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,cr=/([?&])_=[^&]*/,cs=/^([\w\+\.\-]+:)(?:\/\/([^\/?#:]*)(?::(\d+)|)|)/,ct=p.fn.load,cu={},cv={},cw=["*/"]+["*"];try{ci=f.href}catch(cx){ci=e.createElement("a"),ci.href="",ci=ci.href}cj=cs.exec(ci.toLowerCase())||[],p.fn.load=function(a,c,d){if(typeof a!="string"&&ct)return ct.apply(this,arguments);if(!this.length)return this;var e,f,g,h=this,i=a.indexOf(" ");return i>=0&&(e=a.slice(i,a.length),a=a.slice(0,i)),p.isFunction(c)?(d=c,c=b):typeof c=="object"&&(f="POST"),p.ajax({url:a,type:f,dataType:"html",data:c,complete:function(a,b){d&&h.each(d,g||[a.responseText,b,a])}}).done(function(a){g=arguments,h.html(e?p("<div>").append(a.replace(cq,"")).find(e):a)}),this},p.each("ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split(" "),function(a,b){p.fn[b]=function(a){return this.on(b,a)}}),p.each(["get","post"],function(a,c){p[c]=function(a,d,e,f){return p.isFunction(d)&&(f=f||e,e=d,d=b),p.ajax({type:c,url:a,data:d,success:e,dataType:f})}}),p.extend({getScript:function(a,c){return p.get(a,b,c,"script")},getJSON:function(a,b,c){return p.get(a,b,c,"json")},ajaxSetup:function(a,b){return b?cA(a,p.ajaxSettings):(b=a,a=p.ajaxSettings),cA(a,b),a},ajaxSettings:{url:ci,isLocal:cm.test(cj[1]),global:!0,type:"GET",contentType:"application/x-www-form-urlencoded; charset=UTF-8",processData:!0,async:!0,accepts:{xml:"application/xml, text/xml",html:"text/html",text:"text/plain",json:"application/json, text/javascript","*":cw},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText"},converters:{"* text":a.String,"text html":!0,"text json":p.parseJSON,"text xml":p.parseXML},flatOptions:{context:!0,url:!0}},ajaxPrefilter:cy(cu),ajaxTransport:cy(cv),ajax:function(a,c){function y(a,c,f,i){var k,s,t,u,w,y=c;if(v===2)return;v=2,h&&clearTimeout(h),g=b,e=i||"",x.readyState=a>0?4:0,f&&(u=cB(l,x,f));if(a>=200&&a<300||a===304)l.ifModified&&(w=x.getResponseHeader("Last-Modified"),w&&(p.lastModified[d]=w),w=x.getResponseHeader("Etag"),w&&(p.etag[d]=w)),a===304?(y="notmodified",k=!0):(k=cC(l,u),y=k.state,s=k.data,t=k.error,k=!t);else{t=y;if(!y||a)y="error",a<0&&(a=0)}x.status=a,x.statusText=""+(c||y),k?o.resolveWith(m,[s,y,x]):o.rejectWith(m,[x,y,t]),x.statusCode(r),r=b,j&&n.trigger("ajax"+(k?"Success":"Error"),[x,l,k?s:t]),q.fireWith(m,[x,y]),j&&(n.trigger("ajaxComplete",[x,l]),--p.active||p.event.trigger("ajaxStop"))}typeof a=="object"&&(c=a,a=b),c=c||{};var d,e,f,g,h,i,j,k,l=p.ajaxSetup({},c),m=l.context||l,n=m!==l&&(m.nodeType||m instanceof p)?p(m):p.event,o=p.Deferred(),q=p.Callbacks("once memory"),r=l.statusCode||{},t={},u={},v=0,w="canceled",x={readyState:0,setRequestHeader:function(a,b){if(!v){var c=a.toLowerCase();a=u[c]=u[c]||a,t[a]=b}return this},getAllResponseHeaders:function(){return v===2?e:null},getResponseHeader:function(a){var c;if(v===2){if(!f){f={};while(c=cl.exec(e))f[c[1].toLowerCase()]=c[2]}c=f[a.toLowerCase()]}return c===b?null:c},overrideMimeType:function(a){return v||(l.mimeType=a),this},abort:function(a){return a=a||w,g&&g.abort(a),y(0,a),this}};o.promise(x),x.success=x.done,x.error=x.fail,x.complete=q.add,x.statusCode=function(a){if(a){var b;if(v<2)for(b in a)r[b]=[r[b],a[b]];else b=a[x.status],x.always(b)}return this},l.url=((a||l.url)+"").replace(ck,"").replace(co,cj[1]+"//"),l.dataTypes=p.trim(l.dataType||"*").toLowerCase().split(s),l.crossDomain==null&&(i=cs.exec(l.url.toLowerCase()),l.crossDomain=!(!i||i[1]==cj[1]&&i[2]==cj[2]&&(i[3]||(i[1]==="http:"?80:443))==(cj[3]||(cj[1]==="http:"?80:443)))),l.data&&l.processData&&typeof l.data!="string"&&(l.data=p.param(l.data,l.traditional)),cz(cu,l,c,x);if(v===2)return x;j=l.global,l.type=l.type.toUpperCase(),l.hasContent=!cn.test(l.type),j&&p.active++===0&&p.event.trigger("ajaxStart");if(!l.hasContent){l.data&&(l.url+=(cp.test(l.url)?"&":"?")+l.data,delete l.data),d=l.url;if(l.cache===!1){var z=p.now(),A=l.url.replace(cr,"$1_="+z);l.url=A+(A===l.url?(cp.test(l.url)?"&":"?")+"_="+z:"")}}(l.data&&l.hasContent&&l.contentType!==!1||c.contentType)&&x.setRequestHeader("Content-Type",l.contentType),l.ifModified&&(d=d||l.url,p.lastModified[d]&&x.setRequestHeader("If-Modified-Since",p.lastModified[d]),p.etag[d]&&x.setRequestHeader("If-None-Match",p.etag[d])),x.setRequestHeader("Accept",l.dataTypes[0]&&l.accepts[l.dataTypes[0]]?l.accepts[l.dataTypes[0]]+(l.dataTypes[0]!=="*"?", "+cw+"; q=0.01":""):l.accepts["*"]);for(k in l.headers)x.setRequestHeader(k,l.headers[k]);if(!l.beforeSend||l.beforeSend.call(m,x,l)!==!1&&v!==2){w="abort";for(k in{success:1,error:1,complete:1})x[k](l[k]);g=cz(cv,l,c,x);if(!g)y(-1,"No Transport");else{x.readyState=1,j&&n.trigger("ajaxSend",[x,l]),l.async&&l.timeout>0&&(h=setTimeout(function(){x.abort("timeout")},l.timeout));try{v=1,g.send(t,y)}catch(B){if(v<2)y(-1,B);else throw B}}return x}return x.abort()},active:0,lastModified:{},etag:{}});var cD=[],cE=/\?/,cF=/(=)\?(?=&|$)|\?\?/,cG=p.now();p.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var a=cD.pop()||p.expando+"_"+cG++;return this[a]=!0,a}}),p.ajaxPrefilter("json jsonp",function(c,d,e){var f,g,h,i=c.data,j=c.url,k=c.jsonp!==!1,l=k&&cF.test(j),m=k&&!l&&typeof i=="string"&&!(c.contentType||"").indexOf("application/x-www-form-urlencoded")&&cF.test(i);if(c.dataTypes[0]==="jsonp"||l||m)return f=c.jsonpCallback=p.isFunction(c.jsonpCallback)?c.jsonpCallback():c.jsonpCallback,g=a[f],l?c.url=j.replace(cF,"$1"+f):m?c.data=i.replace(cF,"$1"+f):k&&(c.url+=(cE.test(j)?"&":"?")+c.jsonp+"="+f),c.converters["script json"]=function(){return h||p.error(f+" was not called"),h[0]},c.dataTypes[0]="json",a[f]=function(){h=arguments},e.always(function(){a[f]=g,c[f]&&(c.jsonpCallback=d.jsonpCallback,cD.push(f)),h&&p.isFunction(g)&&g(h[0]),h=g=b}),"script"}),p.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/javascript|ecmascript/},converters:{"text script":function(a){return p.globalEval(a),a}}}),p.ajaxPrefilter("script",function(a){a.cache===b&&(a.cache=!1),a.crossDomain&&(a.type="GET",a.global=!1)}),p.ajaxTransport("script",function(a){if(a.crossDomain){var c,d=e.head||e.getElementsByTagName("head")[0]||e.documentElement;return{send:function(f,g){c=e.createElement("script"),c.async="async",a.scriptCharset&&(c.charset=a.scriptCharset),c.src=a.url,c.onload=c.onreadystatechange=function(a,e){if(e||!c.readyState||/loaded|complete/.test(c.readyState))c.onload=c.onreadystatechange=null,d&&c.parentNode&&d.removeChild(c),c=b,e||g(200,"success")},d.insertBefore(c,d.firstChild)},abort:function(){c&&c.onload(0,1)}}}});var cH,cI=a.ActiveXObject?function(){for(var a in cH)cH[a](0,1)}:!1,cJ=0;p.ajaxSettings.xhr=a.ActiveXObject?function(){return!this.isLocal&&cK()||cL()}:cK,function(a){p.extend(p.support,{ajax:!!a,cors:!!a&&"withCredentials"in a})}(p.ajaxSettings.xhr()),p.support.ajax&&p.ajaxTransport(function(c){if(!c.crossDomain||p.support.cors){var d;return{send:function(e,f){var g,h,i=c.xhr();c.username?i.open(c.type,c.url,c.async,c.username,c.password):i.open(c.type,c.url,c.async);if(c.xhrFields)for(h in c.xhrFields)i[h]=c.xhrFields[h];c.mimeType&&i.overrideMimeType&&i.overrideMimeType(c.mimeType),!c.crossDomain&&!e["X-Requested-With"]&&(e["X-Requested-With"]="XMLHttpRequest");try{for(h in e)i.setRequestHeader(h,e[h])}catch(j){}i.send(c.hasContent&&c.data||null),d=function(a,e){var h,j,k,l,m;try{if(d&&(e||i.readyState===4)){d=b,g&&(i.onreadystatechange=p.noop,cI&&delete cH[g]);if(e)i.readyState!==4&&i.abort();else{h=i.status,k=i.getAllResponseHeaders(),l={},m=i.responseXML,m&&m.documentElement&&(l.xml=m);try{l.text=i.responseText}catch(a){}try{j=i.statusText}catch(n){j=""}!h&&c.isLocal&&!c.crossDomain?h=l.text?200:404:h===1223&&(h=204)}}}catch(o){e||f(-1,o)}l&&f(h,j,l,k)},c.async?i.readyState===4?setTimeout(d,0):(g=++cJ,cI&&(cH||(cH={},p(a).unload(cI)),cH[g]=d),i.onreadystatechange=d):d()},abort:function(){d&&d(0,1)}}}});var cM,cN,cO=/^(?:toggle|show|hide)$/,cP=new RegExp("^(?:([-+])=|)("+q+")([a-z%]*)$","i"),cQ=/queueHooks$/,cR=[cX],cS={"*":[function(a,b){var c,d,e,f=this.createTween(a,b),g=cP.exec(b),h=f.cur(),i=+h||0,j=1;if(g){c=+g[2],d=g[3]||(p.cssNumber[a]?"":"px");if(d!=="px"&&i){i=p.css(f.elem,a,!0)||c||1;do e=j=j||".5",i=i/j,p.style(f.elem,a,i+d),j=f.cur()/h;while(j!==1&&j!==e)}f.unit=d,f.start=i,f.end=g[1]?i+(g[1]+1)*c:c}return f}]};p.Animation=p.extend(cV,{tweener:function(a,b){p.isFunction(a)?(b=a,a=["*"]):a=a.split(" ");var c,d=0,e=a.length;for(;d<e;d++)c=a[d],cS[c]=cS[c]||[],cS[c].unshift(b)},prefilter:function(a,b){b?cR.unshift(a):cR.push(a)}}),p.Tween=cY,cY.prototype={constructor:cY,init:function(a,b,c,d,e,f){this.elem=a,this.prop=c,this.easing=e||"swing",this.options=b,this.start=this.now=this.cur(),this.end=d,this.unit=f||(p.cssNumber[c]?"":"px")},cur:function(){var a=cY.propHooks[this.prop];return a&&a.get?a.get(this):cY.propHooks._default.get(this)},run:function(a){var b,c=cY.propHooks[this.prop];return this.pos=b=p.easing[this.easing](a,this.options.duration*a,0,1,this.options.duration),this.now=(this.end-this.start)*b+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),c&&c.set?c.set(this):cY.propHooks._default.set(this),this}},cY.prototype.init.prototype=cY.prototype,cY.propHooks={_default:{get:function(a){var b;return a.elem[a.prop]==null||!!a.elem.style&&a.elem.style[a.prop]!=null?(b=p.css(a.elem,a.prop,!1,""),!b||b==="auto"?0:b):a.elem[a.prop]},set:function(a){p.fx.step[a.prop]?p.fx.step[a.prop](a):a.elem.style&&(a.elem.style[p.cssProps[a.prop]]!=null||p.cssHooks[a.prop])?p.style(a.elem,a.prop,a.now+a.unit):a.elem[a.prop]=a.now}}},cY.propHooks.scrollTop=cY.propHooks.scrollLeft={set:function(a){a.elem.nodeType&&a.elem.parentNode&&(a.elem[a.prop]=a.now)}},p.each(["toggle","show","hide"],function(a,b){var c=p.fn[b];p.fn[b]=function(d,e,f){return d==null||typeof d=="boolean"||!a&&p.isFunction(d)&&p.isFunction(e)?c.apply(this,arguments):this.animate(cZ(b,!0),d,e,f)}}),p.fn.extend({fadeTo:function(a,b,c,d){return this.filter(bY).css("opacity",0).show().end().animate({opacity:b},a,c,d)},animate:function(a,b,c,d){var e=p.isEmptyObject(a),f=p.speed(b,c,d),g=function(){var b=cV(this,p.extend({},a),f);e&&b.stop(!0)};return e||f.queue===!1?this.each(g):this.queue(f.queue,g)},stop:function(a,c,d){var e=function(a){var b=a.stop;delete a.stop,b(d)};return typeof a!="string"&&(d=c,c=a,a=b),c&&a!==!1&&this.queue(a||"fx",[]),this.each(function(){var b=!0,c=a!=null&&a+"queueHooks",f=p.timers,g=p._data(this);if(c)g[c]&&g[c].stop&&e(g[c]);else for(c in g)g[c]&&g[c].stop&&cQ.test(c)&&e(g[c]);for(c=f.length;c--;)f[c].elem===this&&(a==null||f[c].queue===a)&&(f[c].anim.stop(d),b=!1,f.splice(c,1));(b||!d)&&p.dequeue(this,a)})}}),p.each({slideDown:cZ("show"),slideUp:cZ("hide"),slideToggle:cZ("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(a,b){p.fn[a]=function(a,c,d){return this.animate(b,a,c,d)}}),p.speed=function(a,b,c){var d=a&&typeof a=="object"?p.extend({},a):{complete:c||!c&&b||p.isFunction(a)&&a,duration:a,easing:c&&b||b&&!p.isFunction(b)&&b};d.duration=p.fx.off?0:typeof d.duration=="number"?d.duration:d.duration in p.fx.speeds?p.fx.speeds[d.duration]:p.fx.speeds._default;if(d.queue==null||d.queue===!0)d.queue="fx";return d.old=d.complete,d.complete=function(){p.isFunction(d.old)&&d.old.call(this),d.queue&&p.dequeue(this,d.queue)},d},p.easing={linear:function(a){return a},swing:function(a){return.5-Math.cos(a*Math.PI)/2}},p.timers=[],p.fx=cY.prototype.init,p.fx.tick=function(){var a,b=p.timers,c=0;for(;c<b.length;c++)a=b[c],!a()&&b[c]===a&&b.splice(c--,1);b.length||p.fx.stop()},p.fx.timer=function(a){a()&&p.timers.push(a)&&!cN&&(cN=setInterval(p.fx.tick,p.fx.interval))},p.fx.interval=13,p.fx.stop=function(){clearInterval(cN),cN=null},p.fx.speeds={slow:600,fast:200,_default:400},p.fx.step={},p.expr&&p.expr.filters&&(p.expr.filters.animated=function(a){return p.grep(p.timers,function(b){return a===b.elem}).length});var c$=/^(?:body|html)$/i;p.fn.offset=function(a){if(arguments.length)return a===b?this:this.each(function(b){p.offset.setOffset(this,a,b)});var c,d,e,f,g,h,i,j,k,l,m=this[0],n=m&&m.ownerDocument;if(!n)return;return(e=n.body)===m?p.offset.bodyOffset(m):(d=n.documentElement,p.contains(d,m)?(c=m.getBoundingClientRect(),f=c_(n),g=d.clientTop||e.clientTop||0,h=d.clientLeft||e.clientLeft||0,i=f.pageYOffset||d.scrollTop,j=f.pageXOffset||d.scrollLeft,k=c.top+i-g,l=c.left+j-h,{top:k,left:l}):{top:0,left:0})},p.offset={bodyOffset:function(a){var b=a.offsetTop,c=a.offsetLeft;return p.support.doesNotIncludeMarginInBodyOffset&&(b+=parseFloat(p.css(a,"marginTop"))||0,c+=parseFloat(p.css(a,"marginLeft"))||0),{top:b,left:c}},setOffset:function(a,b,c){var d=p.css(a,"position");d==="static"&&(a.style.position="relative");var e=p(a),f=e.offset(),g=p.css(a,"top"),h=p.css(a,"left"),i=(d==="absolute"||d==="fixed")&&p.inArray("auto",[g,h])>-1,j={},k={},l,m;i?(k=e.position(),l=k.top,m=k.left):(l=parseFloat(g)||0,m=parseFloat(h)||0),p.isFunction(b)&&(b=b.call(a,c,f)),b.top!=null&&(j.top=b.top-f.top+l),b.left!=null&&(j.left=b.left-f.left+m),"using"in b?b.using.call(a,j):e.css(j)}},p.fn.extend({position:function(){if(!this[0])return;var a=this[0],b=this.offsetParent(),c=this.offset(),d=c$.test(b[0].nodeName)?{top:0,left:0}:b.offset();return c.top-=parseFloat(p.css(a,"marginTop"))||0,c.left-=parseFloat(p.css(a,"marginLeft"))||0,d.top+=parseFloat(p.css(b[0],"borderTopWidth"))||0,d.left+=parseFloat(p.css(b[0],"borderLeftWidth"))||0,{top:c.top-d.top,left:c.left-d.left}},offsetParent:function(){return this.map(function(){var a=this.offsetParent||e.body;while(a&&!c$.test(a.nodeName)&&p.css(a,"position")==="static")a=a.offsetParent;return a||e.body})}}),p.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(a,c){var d=/Y/.test(c);p.fn[a]=function(e){return p.access(this,function(a,e,f){var g=c_(a);if(f===b)return g?c in g?g[c]:g.document.documentElement[e]:a[e];g?g.scrollTo(d?p(g).scrollLeft():f,d?f:p(g).scrollTop()):a[e]=f},a,e,arguments.length,null)}}),p.each({Height:"height",Width:"width"},function(a,c){p.each({padding:"inner"+a,content:c,"":"outer"+a},function(d,e){p.fn[e]=function(e,f){var g=arguments.length&&(d||typeof e!="boolean"),h=d||(e===!0||f===!0?"margin":"border");return p.access(this,function(c,d,e){var f;return p.isWindow(c)?c.document.documentElement["client"+a]:c.nodeType===9?(f=c.documentElement,Math.max(c.body["scroll"+a],f["scroll"+a],c.body["offset"+a],f["offset"+a],f["client"+a])):e===b?p.css(c,d,e,h):p.style(c,d,e,h)},c,g?e:b,g)}})}),a.jQuery=a.$=p,typeof define=="function"&&define.amd&&define.amd.jQuery&&define("jquery",[],function(){return p})})(window);
        </script>
        <script type="text/javascript">
            /*! jQuery Stupid Table Plugin by Joseph McCullough | https://github.com/joequery/Stupid-Table-Plugin/blob/master/LICENSE */
            (function(e){e.fn.stupidtable=function(j){return this.each(function(){var d=e(this);j=j||{};j=e.extend({},{"int":function(b,a){return parseInt(b,10)-parseInt(a,10)},"float":function(b,a){return parseFloat(b)-parseFloat(a)},string:function(b,a){return b<a?-1:b>a?1:0},"string-ins":function(b,a){b=b.toLowerCase();a=a.toLowerCase();return b<a?-1:b>a?1:0}},j);d.on("click","th",function(){var b=d.children("tbody").children("tr"),a=e(this),k=0,n=e.fn.stupidtable.dir;d.find("th").slice(0,a.index()).each(function(){var a=e(this).attr("colspan")||1;k+=parseInt(a,10)});var m=a.data("sort-dir")===n.ASC?n.DESC:n.ASC,p=m==n.DESC?a.data("sort-desc")||a.data("sort")||null:a.data("sort")||null;null!==p&&(d.trigger("beforetablesort",{column:k,direction:m}),d.css("display"),setTimeout(function(){var l=[],c=j[p];b.each(function(a,b){var c=e(b).children().eq(k),d=c.data("sort-value"),c="undefined"!==typeof d?d:c.text();l.push(c)});var f=[],g=0;if(a.data("sort-dir")&&!a.data("sort-desc"))for(c=l.length-1;0<=c;c--)f.push(c);else for(var h=l.slice(0).sort(c),c=0;c<l.length;c++){for(g=e.inArray(l[c],h);-1!=e.inArray(g,f);)g++;f.push(g)}d.find("th").data("sort-dir",null).removeClass("sorting-desc sorting-asc");a.data("sort-dir",m).addClass("sorting-"+m);g=b.slice(0);for(h=c=0;h<f.length;h++)c=f[h],g[c]=b[h];f=e(g);d.children("tbody").append(f);d.trigger("aftertablesort",{column:k,direction:m});d.css("display")},10))})})};e.fn.stupidtable.dir={ASC:"asc",DESC:"desc"}})(jQuery);
        </script>
        <script type="text/javascript">
            $(document).ready(function() {
                $(".expandable").click(function (event) {
                    e = event || window.event;
                    var h = e.target || e.srcElement;
                    var content = "#content" + h.id.substr(6);
                    var header = "#" + h.id;
                    $(content).slideToggle("fast");
                    var exprx = /expandable\b/;
                    if (exprx.exec($(header).attr("class"))) {
                        $(header).addClass("collapsed");
                        $(header).removeClass("expandable");
                    } else {
                        $(header).addClass("expandable");
                        $(header).removeClass("collapsed");
                    }
                    var essrx = /expandablesubsection/;
                    var cssrx = /collaspablesubsection/;
                    if (essrx.exec($(header).attr("class"))) {
                        $(header).addClass("collaspablesubsection");
                        $(header).removeClass("expandablesubsection");
                    } else if (cssrx.exec($(header).attr("class"))) {
                        $(header).addClass("expandablesubsection");
                        $(header).removeClass("collaspablesubsection");
                    }
                    return false;
                });
                var table = $("#summaryTable").stupidtable();
                table.bind('aftertablesort', function (event, data) {
                    var th = $(this).find('th');
                    th.find(".arrow").remove();
                    var arrow = data.direction === 'asc' ? '↑' : '↓';
                    th.eq(data.column).append('<span class="arrow">' + arrow +'</span>');
                });
            });

            $(function(){
                $('#modal-background, #modal-close').click(function () {
                    $('#modal-content,#modal-background').toggleClass('active');
                });
                $('#modal-text').bind('copy cut', function() {
                    setTimeout('$("#modal-content,#modal-background").toggleClass("active");',100);
                });
                $('#modal-add-header').click(function () {
                    xml = '<?xml version="1.0" encoding="UTF-8"?>\n<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">\n   ';
                    xml += $("#modal-text").text().replace(/\n/g,'\n   ');
                    xml += '\n</suppressions>';
                    $('#modal-text').text(xml).focus().select();
                });
            });
            function copyText(name, sha1, type, val) {
                xml =  '<suppress>\n';
                xml += '   <notes><!'+'[CDATA[\n   file name: ' + name + '\n   ]]'+'></notes>\n';
                xml += '   <sha1>' + sha1 + '</sha1>\n';
                xml += '   <'+type+'>' + val + '</'+type+'>\n';
                xml += '</suppress>';
                $('#modal-text').text(xml);
                $('#modal-content,#modal-background').toggleClass('active');
                $('#modal-text').focus();
                $('#modal-text').select();
            }
            function toggleDisplay(el, clzName, all, some) {
                $(clzName).toggle();
                if (el.innerHTML == all) {
                    el.innerHTML = some;
                } else {
                    el.innerHTML = all;
                }
                return false;
            }
        </script>
        <style type="text/css">
            #modal-background {
                display: none;
                position: fixed;
                top: 0;
                left: 0;
                width: 100%;
                height: 100%;
                background-color: white;
                opacity: .50;
                -webkit-opacity: .5;
                -moz-opacity: .5;
                filter: alpha(opacity=50);
                z-index: 1000;
            }

            #modal-content {
                background-color: white;
                border-radius: 10px;
                -webkit-border-radius: 10px;
                -moz-border-radius: 10px;
                box-shadow: 0 0 20px 0 #222;
                -webkit-box-shadow: 0 0 20px 0 #222;
                -moz-box-shadow: 0 0 20px 0 #222;
                display: none;
                height: 240px;
                left: 50%;
                margin: -120px 0 0 -160px;
                padding: 10px;
                position: fixed;
                top: 50%;
                z-index: 1000;
            }

            #modal-background.active, #modal-content.active {
                display: block;
            }
            #modal-text {
                border: 0;
                overflow: hidden
            }
            #modal-text:focus {
                outline: none;
            }
            .suppressedLabel {
                cursor: default;
                padding:1px;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .copybutton {
                padding:1px;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .copybutton:hover {
                padding:1px;
                background-color: #dddddd;
                border: 1px solid #444444;
                color:#444444;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button {
                padding:1px;
                float:left;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button:hover {
                padding:1px;
                float:left;
                background-color: #dddddd;
                border: 1px solid #333333;
                color:#333333;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button-right {
                padding:1px;
                float:right;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button-right:hover {
                padding:1px;
                float:right;
                background-color: #dddddd;
                border: 1px solid #333333;
                color:#333333;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .rounded-corners {
                -moz-border-radius: 20px;
                -webkit-border-radius: 20px;
                -khtml-border-radius: 20px;
                -o-border-radius: 20px;
                border-radius: 20px;
            }
            .hidden {
                display: none;
            }
            .expandable {
                cursor: pointer;
                background-image: url(data:image/gif;base64,R0lGODlhDAAMAIABAICAgP///yH5BAEAAAEALAAAAAAMAAwAAAIcjI8Hy22Q1FNwhnpxhW3d2XFWJn2PNiZbyERuAQA7);
                background-repeat: no-repeat;
                background-position: 98% 50%;
            }
            .collapsed {
                cursor: pointer;
                background-image: url(data:image/gif;base64,R0lGODlhDAAMAIABAICAgP///yH5BAEAAAEALAAAAAAMAAwAAAIajI8Hy22Q1IszQHphW3ZuXUUZ1ZXi8zFkUgAAOw==);
                background-repeat: no-repeat;
                background-position: 98% 50%;
            }
            .expandablesubsection {
                -moz-border-radius-bottomleft:15px; /* bottom left corner */
                -webkit-border-bottom-left-radius:15px; /* bottom left corner */
                border-bottom-left-radius: 15px;
                border-bottom: 1px solid #cccccc;
            }
            .collaspablesubsection {
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                border-bottom-left-radius: 0px;
                border-bottom: 0px solid #ffffff;
            }
            .standardsubsection {
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                border-bottom-left-radius: 0px;
                border-bottom: 0px solid #ffffff;
            }
            .content {
                margin-top:0px;
                margin-left:20px;
                margin-right:20px;
                margin-bottom:20px;
                background: #ffffff;
                padding: 20px;
            }

            .sectionheader {
                background-color: #cccccc;
                margin-top: 20px;
                margin-right: 20px;
                margin-left: 20px;
                margin-bottom: 0px;
                padding-top: 10px;
                padding-bottom: 10px;
                padding-left:20px;
                padding-right:20px;
                border-top: 1px solid #ccc;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 0px;

                /*
                -moz-border-radius: 15px;
                -webkit-border-radius: 15px;
                -o-border-radius: 15px;
                border-radius: 15px;
                */

                /* firefox's individual border radius properties */
                -moz-border-radius-topleft:15px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -moz-border-radius-bottomright:0px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:15px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                -webkit-border-bottom-right-radius:0px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 15px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 0px;
                border-bottom-left-radius: 0px;
            }
            .sectioncontent {
                margin-top:0px;
                margin-left:20px;
                margin-right:20px;
                margin-bottom:10px;
                background: #ffffff;

                padding-top: 10px;
                padding-bottom: 20px;
                padding-left:20px;
                padding-right:20px;

                border-top: 0px;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 1px solid #ccc;

                -moz-border-radius-topleft:0px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomright:15px; /* bottom right corner */
                -moz-border-radius-bottomleft:15px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:0px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-right-radius:15px; /* bottom right corner */
                -webkit-border-bottom-left-radius:15px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 0px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 15px;
                border-bottom-left-radius: 15px;
            }

            .subsectionheader {
                background-color: #cccccc;
                margin-top: 20px;
                margin-right: 20px;
                margin-left: 0px;
                margin-bottom: 0px;
                padding-top: 10px;
                padding-bottom: 10px;
                padding-left:20px;
                padding-right:20px;
                border-top: 1px solid #ccc;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;

                /*
                -moz-border-radius: 15px;
                -webkit-border-radius: 15px;
                -o-border-radius: 15px;
                border-radius: 15px;
                */

                /* firefox's individual border radius properties */
                -moz-border-radius-topleft:15px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomright:0px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:15px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-right-radius:0px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 15px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 0px;
            }
            .subsectioncontent {
                margin-top:0px;
                margin-left:0px;
                margin-right:20px;
                margin-bottom:10px;
                background: #ffffff;
                padding-top: 10px;
                padding-left: 20px;
                padding-right: 20px;
                padding-bottom: 20px;
                border-top: 0px;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 1px solid #ccc;

                -moz-border-radius-topleft:0px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomleft:15px; /* bottom left corner */
                -moz-border-radius-bottomright:15px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:0px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-left-radius:15px; /* bottom left corner */
                -webkit-border-bottom-right-radius:15px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 0px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 15px;
                border-bottom-left-radius: 15px;

            }
            .white {
                background-color: #ffffff;
            }
            .red {
                background-color: #DF0101;
            }
            .left {
                text-align: left;
            }
            .indent {
                margin-left:20px;
            }
            td{
                vertical-align:text-top;
                padding:6px;
                margin:0px;
            }
            th {
                text-align:left
                vertical-align:text-top;
                padding:6px;
                margin:0px;
                border-bottom:1px;
                border-color: black;
            }
            table {
                border: 0px;
            }
            table.lined tr:nth-child(even) {
                background-color: #f3f3f3;
            }
            .fullwidth {
                width:100%;
            }
            body {
                font: 13px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            ul {
                margin-top:3px;
                margin-bottom:3px;
            }
            .vulnerable {
                color: #000;
            }
            .notvulnerable {
                display:none;
            }
            .hidden {
                display:none;
            }
            .infolink {
                text-decoration:none;
                color: blue;
                float:right;
            }
            .infolink:hover {
                text-decoration:none;
                color: blue;
                float:right;
            }
            .disclaimer {
                color: #888888;
                font: 9px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            .sortable {
                cursor:pointer;
            }
            .sortable:hover {
                text-decoration:underline;
            }
        </style>
    </head>
    <body>
        <div id="modal-background"></div>
        <div id="modal-content">
            <div>Press CTR-C to copy XML&nbsp;<a href="http://jeremylong.github.io/DependencyCheck/general/suppression.html" class="infolink" target="_blank" title="Help with suppressing false positives">[help]</a></div>
                <textarea id="modal-text" cols="50" rows="10" readonly></textarea><br/>
                <button id="modal-add-header" title="Add the parent XML nodes to create the complete XML file that can be used to suppress this finding" class="modal-button">Complete XML Doc</button><button id="modal-close" class="modal-button-right">Close</button>
        </div>
        <div class="wrapper">
            <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" version="1.1" x="0" y="0" width="459.5" height="150" viewBox="0 0 459.5 150" enable-background="new 0 0 595.28 841.89" xml:space="preserve"><g transform="translate(-79.10464,-172.551)"><path d="m246.1 274.3c-2.6 0-5.3-0.2-6.6-0.5-0.6-0.1-0.9-0.4-0.9-1.1l0-20.4c0-0.7 0.3-1 0.9-1.1 1.3-0.2 4-0.5 6.6-0.5 6.1 0 9.8 3.2 9.8 9.7l0 4c0 6.5-3.7 9.7-9.8 9.7zm4.6-13.7c0-4.2-1.8-5.3-4.6-5.3-0.8 0-1.8 0-2.2 0.1l0 14.4c0.4 0 1.4 0.1 2.2 0.1 2.8 0 4.6-1.1 4.6-5.3l0-4zM273 273.9 273 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM285.2 266c-0.7 0-1.7-0.1-2.5-0.1l0 7.5c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.2-0.6-0.6l0-20.7c0-1 0.4-1.3 1.4-1.5 1.6-0.2 4-0.4 6.3-0.4 4.7 0 9.2 1.6 9.2 7.4l0 0.3c0 5.8-4.6 7.5-9.2 7.5zm3.9-7.7c0-2.2-1.4-3-3.9-3-0.4 0-2.1 0.1-2.5 0.1l0 6.3c0.3 0 2.2 0.1 2.5 0.1 2.7 0 3.9-1 3.9-3.1l0-0.3zM311 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM332.4 274l-3 0c-0.6 0-1.1-0.1-1.6-1l-7-12.1c-0.1-0.2-0.2-0.2-0.3-0.2-0.1 0-0.2 0.1-0.2 0.2l0 12.5c0 0.3-0.3 0.6-0.6 0.6l-3.6 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.1c0-0.6 0.5-1.2 1.2-1.2l3.1 0c0.6 0 0.9 0.3 1.3 1l7.3 12.7c0.1 0.2 0.2 0.2 0.2 0.2 0.1 0 0.2-0.1 0.2-0.3l0-13c0-0.3 0.3-0.6 0.6-0.6l3.6 0c0.3 0 0.6 0.2 0.6 0.6l0 21.1c0 0.6-0.6 1.2-1.2 1.2zM345.4 274.3c-2.6 0-5.3-0.2-6.6-0.5-0.6-0.1-0.9-0.4-0.9-1.1l0-20.4c0-0.7 0.3-1 0.9-1.1 1.3-0.2 4-0.5 6.6-0.5 6.1 0 9.8 3.2 9.8 9.7l0 4c0 6.5-3.7 9.7-9.8 9.7zm4.6-13.7c0-4.2-1.8-5.3-4.6-5.3-0.8 0-1.8 0-2.2 0.1l0 14.4c0.4 0 1.4 0.1 2.2 0.1 2.8 0 4.6-1.1 4.6-5.3l0-4zM372.3 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM393.7 274l-3 0c-0.6 0-1.1-0.1-1.6-1l-7-12.1c-0.1-0.2-0.2-0.2-0.3-0.2-0.1 0-0.2 0.1-0.2 0.2l0 12.5c0 0.3-0.3 0.6-0.6 0.6l-3.6 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.1c0-0.6 0.5-1.2 1.2-1.2l3.1 0c0.6 0 0.9 0.3 1.3 1l7.3 12.7c0.1 0.2 0.2 0.2 0.2 0.2 0.1 0 0.2-0.1 0.2-0.3l0-13c0-0.3 0.3-0.6 0.6-0.6l3.6 0c0.3 0 0.6 0.2 0.6 0.6l0 21.1c0 0.6-0.6 1.2-1.2 1.2zM412.4 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM433.6 251.8l-4.7 10.7c-0.6 1.4-1.3 2.1-2 2.4l0 8.6c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-8.6c-0.7-0.3-1.4-1-2-2.4l-4.7-10.7c0-0.1 0-0.2 0-0.2 0-0.2 0.2-0.5 0.5-0.5l4.4 0c0.3 0 0.5 0.2 0.6 0.5l3.3 8.7c0.2 0.4 0.2 0.5 0.5 0.5 0.2 0 0.3-0.1 0.5-0.5l3.3-8.7c0.1-0.3 0.3-0.5 0.6-0.5l4.4 0c0.3 0 0.5 0.2 0.5 0.5 0 0.1 0 0.2 0 0.2zM442 266.5l-6 0c-0.3 0-0.6-0.2-0.6-0.6l0-2.5c0-0.3 0.3-0.6 0.6-0.6l6 0c0.3 0 0.6 0.2 0.6 0.6l0 2.5c0 0.3-0.3 0.6-0.6 0.6z" style="fill:#231f20;opacity:0.5"/><path d="m459 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM480.6 274l-4 0M480.6 274l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-8.9-7.6 0 0 8.9c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.7c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 8.2 7.6 0 0-8.2c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 21.7c0 0.3-0.3 0.6-0.6 0.6zM498.9 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM516.6 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM538.5 251.9l-7.3 10.4 7.4 11.1c0.1 0.1 0.1 0.2 0.1 0.3 0 0.2-0.2 0.3-0.4 0.3l-5.3 0c-0.4 0-0.5-0.2-0.7-0.4l-6.3-10.2 0 10c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.7c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 9.8 6.8-10c0.2-0.2 0.3-0.4 0.7-0.4l4.7 0c0.3 0 0.5 0.2 0.5 0.3 0 0.1-0.1 0.3-0.2 0.4z" fill="#f78d0a"/><path d="m151.6 187.1 0-14.6c-36.7 5.4-65.9 33.9-72.2 70.4l14.7 0C100 214.5 122.8 192.2 151.6 187.1Z" style="fill:#231f20;opacity:0.5"/><path d="m151.6 200.4 0-13.3c-28.7 5.1-51.6 27.3-57.5 55.8l13.3 0c5.5-21.2 22.6-37.8 44.2-42.5z" style="fill:#231f20;opacity:0.3"/><path d="m193 237-10.9 10.9c0.3 0.6 0.7 1.2 1 1.9 1 2.5 1.5 5.3 1.5 8.2l0 0.2c0 3-0.5 5.8-1.5 8.2-1 2.5-2.4 4.6-4.2 6.4-1.8 1.8-3.9 3.2-6.4 4.2-2.5 1-5.3 1.5-8.3 1.5l-11.5 0 0-1-14.4 14.4 25.9 0c5.3 0 10.1-0.9 14.6-2.6 4.4-1.7 8.2-4.1 11.4-7.2 3.2-3 5.7-6.6 7.4-10.7 1.7-4.1 2.6-8.6 2.6-13.3l0-0.2c0-4.8-0.9-9.2-2.6-13.3-1.2-2.7-2.7-5.2-4.5-7.5z" fill="#f78d0a"/><path d="m152.7 237.6 11.5 0c3 0 5.8 0.5 8.3 1.5 2.5 1 4.7 2.4 6.4 4.2 1.3 1.3 2.3 2.9 3.2 4.6l10.9-10.9c-0.9-1.1-1.8-2.2-2.9-3.2-3.2-3-7-5.4-11.4-7.1-4.4-1.7-9.3-2.6-14.6-2.6l-26.4 0 0 67.7 0.5 0 14.4-14.4 0-39.8z" style="fill:#f78d0a;opacity:0.7"/><path d="m179.5 187.7 0 13.4c11.9 3.2 22.3 10.1 29.9 19.4l9.2-9.3c-10-11.7-23.6-20.1-39.2-23.5z" style="fill:#231f20;opacity:0.3"/><path d="m179.5 173 0 14.7c15.5 3.4 29.2 11.8 39.2 23.5l10.2-10.2c-12.6-14.3-29.8-24.5-49.4-28zM93.7 270.9l-14.6 0M93.7 270.9l-14.6 0c3.1 20.5 13.6 38.6 28.5 51.7l10.2-10.2C105.5 301.9 96.8 287.4 93.7 270.9Z" fill="#f78d0a"/><path d="m107 270.9-13.3 0c3.1 16.5 11.8 31 24.1 41.5l9.2-9.3c-9.9-8.1-17.1-19.3-20-32.2z" style="fill:#231f20;opacity:0.3"/></g></svg>
<p class="disclaimer">Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.</p>

            <h2 class="">Project:&nbsp;ofbiz</h2>
            <div class="">

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Scan Information (<a href="#" title="Click to toggle display" onclick="return toggleDisplay(this, '.scaninfo', 'show all', 'show less');  return false;">show all</a>):<br/>
                    <ul class="indent">
                        <li><i>dependency-check version</i>: 1.4.0</li>
                        <li><i>Report Generated On</i>: févr. 11, 2017 at 14:09:13 CET</li>
                        <li><i>Dependencies Scanned</i>:&nbsp;425</li>
                        <li><i>Vulnerable Dependencies</i>:&nbsp;82</li>
                        <li><i>Vulnerabilities Found</i>:&nbsp;361</li>
                        <li><i>Vulnerabilities Suppressed</i>:&nbsp;0</li>
                        <li class="scaninfo">...</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2002</i>: 03/02/2017 09:06:57</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2003</i>: 03/01/2017 09:25:13</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2004</i>: 02/02/2017 09:05:56</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2005</i>: 20/01/2017 09:25:07</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2006</i>: 20/01/2017 09:22:50</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2007</i>: 20/01/2017 09:20:14</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2008</i>: 20/01/2017 09:17:42</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2009</i>: 08/02/2017 09:10:21</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2010</i>: 09/02/2017 09:09:26</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2011</i>: 08/02/2017 09:08:02</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2012</i>: 11/02/2017 09:09:05</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2013</i>: 10/02/2017 09:06:36</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2014</i>: 11/02/2017 09:06:56</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2015</i>: 02/02/2017 09:04:55</li>
                                                <li class="scaninfo hidden"><i>NVD CVE 2017</i>: 11/02/2017 09:00:08</li>
                                                <li class="scaninfo hidden"><i>NVD CVE Checked</i>: 11/02/2017 13:59:58</li>
                                                <li class="scaninfo hidden"><i>NVD CVE Modified</i>: 11/02/2017 12:00:39</li>
                                                <li class="scaninfo hidden"><i>VersionCheckOn</i>: 1486096882201</li>
                                            </ul><br/>
                Display:&nbsp;<a href="#" title="Click to toggle display" onclick="return toggleDisplay(this, '.notvulnerable', 'Showing Vulnerable Dependencies (click to show all)', 'Showing All Dependencies (click to show less)'); return false;">Showing Vulnerable Dependencies (click to show all)</a><br/><br/>
                                <table id="summaryTable" class="lined">
                    <thead><tr style="text-align:left">
                        <th class="sortable" data-sort="string" title="The name of the dependency">Dependency</th>
                        <th class="sortable" data-sort="string" title="The Common Platform Enumeration">CPE</th>
                        <th class="sortable" data-sort="string" title="The Maven GAV Coordinates">GAV</th>
                        <th class="sortable" data-sort="int" title="The highest CVE Severity">Highest Severity</th>
                        <th class="sortable" data-sort="int" title="The number of Common Vulnerability and Exposure (CVE) entries">CVE Count</th>
                        <th class="sortable" data-sort="string" title="The confidence rating dependency-check has for the identified CPE">CPE Confidence</th>
                        <th class="sortable" data-sort="int" title="The count of evidence collected to identify the CPE">Evidence Count</th>
                    </tr></thead>
                                        <tr class="notvulnerable">
                        <td data-sort-value="antlr-2.7.6.jar"><a href="#l1_cf4f67dae5df4f9932ae7810f4548ef3e14dd35e">antlr-2.7.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="antlr:antlr:2.7.6">                                                        <a href="http://search.maven.org/remotecontent?filepath=antlr/antlr/2.7.6/antlr-2.7.6.jar" target="_blank">antlr:antlr:2.7.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>11</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="aopalliance-1.0.jar"><a href="#l2_0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8">aopalliance-1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="aopalliance:aopalliance:1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=aopalliance/aopalliance/1.0/aopalliance-1.0.jar" target="_blank">aopalliance:aopalliance:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xercesImpl-2.9.1.jar"><a href="#l3_7bc7e49ddfe4fb5f193ed37ecc96c12292c8ceb6">xercesImpl-2.9.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xerces:xercesImpl:2.9.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar" target="_blank">xerces:xercesImpl:2.9.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>55</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="asm-attrs-1.5.3.jar"><a href="#l4_911ca40cdb527969ee47dc6f782425d94a36b510">asm-attrs-1.5.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="asm:asm-attrs:1.5.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=asm/asm-attrs/1.5.3/asm-attrs-1.5.3.jar" target="_blank">asm:asm-attrs:1.5.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="asm-1.5.3.jar"><a href="#l5_63a2715c39c9e97f88fe371d4441a1b3493d74f9">asm-1.5.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="asm:asm:1.5.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=asm/asm/1.5.3/asm-1.5.3.jar" target="_blank">asm:asm:1.5.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="aspectjrt-1.5.3.jar"><a href="#l6_080e9fde0223721baefb5df5f251888cc2456ed6">aspectjrt-1.5.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="aspectj:aspectjrt:1.5.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=aspectj/aspectjrt/1.5.3/aspectjrt-1.5.3.jar" target="_blank">aspectj:aspectjrt:1.5.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="aspectjweaver-1.5.3.jar"><a href="#l7_4040e72d0dda6e9a03d879835cd3f70f19284c34">aspectjweaver-1.5.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="aspectj:aspectjweaver:1.5.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=aspectj/aspectjweaver/1.5.3/aspectjweaver-1.5.3.jar" target="_blank">aspectj:aspectjweaver:1.5.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="avalon-framework-impl-4.2.0.jar"><a href="#l8_4da1db18947eb6950abb7ad79253011b9aec0e48">avalon-framework-impl-4.2.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="avalon-framework:avalon-framework-impl:4.2.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=avalon-framework/avalon-framework-impl/4.2.0/avalon-framework-impl-4.2.0.jar" target="_blank">avalon-framework:avalon-framework-impl:4.2.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="backport-util-concurrent-3.1.jar"><a href="#l9_682f7ac17fed79e92f8e87d8455192b63376347b">backport-util-concurrent-3.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="backport-util-concurrent:backport-util-concurrent:3.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.jar" target="_blank">backport-util-concurrent:backport-util-concurrent:3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="bcmail-jdk14-138.jar"><a href="#l10_14ff2dfec8578f5f6838c4d6a77a86789afe5382">bcmail-jdk14-138.jar</a></td>
                                                                                                                                                                                <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="bouncycastle:bcmail-jdk14:138">                                                        <a href="http://search.maven.org/remotecontent?filepath=bouncycastle/bcmail-jdk14/138/bcmail-jdk14-138.jar" target="_blank">bouncycastle:bcmail-jdk14:138</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="bcprov-jdk14-138.jar"><a href="#l11_de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff">bcprov-jdk14-138.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                <td data-sort-value="cpe:/a:bouncycastle:bouncy-castle-crypto-package:14.138cpe:/a:bouncycastle:bouncy_castle_crypto_package:14.138">
                                                                                                                                                                                                                                                                                                                                cpe:/a:bouncycastle:bouncy-castle-crypto-package:14.138
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:bouncycastle:bouncy_castle_crypto_package:14.138
                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="bouncycastle:bcprov-jdk14:138">                                                        <a href="http://search.maven.org/remotecontent?filepath=bouncycastle/bcprov-jdk14/138/bcprov-jdk14-138.jar" target="_blank">bouncycastle:bcprov-jdk14:138</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="c3p0-0.9.1.1.jar"><a href="#l12_302704f30c6e7abb7a0457f7771739e03c973e80">c3p0-0.9.1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="c3p0:c3p0:0.9.1.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=c3p0/c3p0/0.9.1.1/c3p0-0.9.1.1.jar" target="_blank">c3p0:c3p0:0.9.1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="cglib-2.1_3.jar"><a href="#l13_d3851e366b9fe8b7d8215de0f9eb980b359d8de0">cglib-2.1_3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="cglib:cglib:2.1_3">                                                        <a href="http://search.maven.org/remotecontent?filepath=cglib/cglib/2.1_3/cglib-2.1_3.jar" target="_blank">cglib:cglib:2.1_3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmpcore-5.1.2.jar"><a href="#l14_55615fa2582424e38705487d1d3969af8554f637">xmpcore-5.1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.adobe.xmp:xmpcore:5.1.2">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/adobe/xmp/xmpcore/5.1.2/xmpcore-5.1.2.jar" target="_blank">com.adobe.xmp:xmpcore:5.1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jcommander-1.35.jar"><a href="#l15_47592e181b0bdbbeb63029e08c5e74f6803c4edd">jcommander-1.35.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.beust:jcommander:1.35">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2247592e181b0bdbbeb63029e08c5e74f6803c4edd%22" target="_blank">com.beust:jcommander:1.35</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hppc-0.7.1.jar"><a href="#l16_8b5057f74ea378c0150a1860874a3ebdcb713767">hppc-0.7.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.carrotsearch:hppc:0.7.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%228b5057f74ea378c0150a1860874a3ebdcb713767%22" target="_blank">com.carrotsearch:hppc:0.7.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="metadata-extractor-2.8.0.jar"><a href="#l17_c771dba842e459b704081212c66182eb351728de">metadata-extractor-2.8.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.drewnoakes:metadata-extractor:2.8.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22c771dba842e459b704081212c66182eb351728de%22" target="_blank">com.drewnoakes:metadata-extractor:2.8.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="presto-parser-0.122.jar"><a href="#l18_b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c">presto-parser-0.122.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:facebook:facebook:0.122">
                                                                                                                                                                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Afacebook%3Afacebook" target="_blank">cpe:/a:facebook:facebook:0.122</a>
                                                                                                                                                                            </td>
                                                <td data-sort-value="com.facebook.presto:presto-parser:0.122">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c%22" target="_blank">com.facebook.presto:presto-parser:0.122</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="93.0">
                                                    High
                                                </td>
                        <td>1</td>
                        <td data-sort-value="3">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackson-annotations-2.4.0.jar"><a href="#l19_d6a66c7a5f01cf500377bd669507a08cfeba882a">jackson-annotations-2.4.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.fasterxml.jackson.core:jackson-annotations:2.4.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22d6a66c7a5f01cf500377bd669507a08cfeba882a%22" target="_blank">com.fasterxml.jackson.core:jackson-annotations:2.4.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackson-core-2.6.1.jar"><a href="#l20_892d15011456ea3563319b27bdd612dbc89bb776">jackson-core-2.6.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.fasterxml.jackson.core:jackson-core:2.6.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22892d15011456ea3563319b27bdd612dbc89bb776%22" target="_blank">com.fasterxml.jackson.core:jackson-core:2.6.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackson-databind-2.4.2.jar"><a href="#l21_8e31266a272ad25ac4c089734d93e8d811652c1f">jackson-databind-2.4.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.fasterxml.jackson.core:jackson-databind:2.4.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%228e31266a272ad25ac4c089734d93e8d811652c1f%22" target="_blank">com.fasterxml.jackson.core:jackson-databind:2.4.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackson-dataformat-smile-2.5.4.jar"><a href="#l22_db0c5f1b6e16cb5f5e0505abfcd4b36f3e8bfdc6">jackson-dataformat-smile-2.5.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.5.4">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22db0c5f1b6e16cb5f5e0505abfcd4b36f3e8bfdc6%22" target="_blank">com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.5.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="caffeine-1.0.1.jar"><a href="#l23_eb95a1eb55cb02018b8e0bc1609ce569b455ea98">caffeine-1.0.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.github.ben-manes.caffeine:caffeine:1.0.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/github/ben-manes/caffeine/caffeine/1.0.1/caffeine-1.0.1.jar" target="_blank">com.github.ben-manes.caffeine:caffeine:1.0.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="junrar-0.7.jar"><a href="#l24_18cc717b85af0b12ba922abf415c2ff4716f8219">junrar-0.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.github.junrar:junrar:0.7">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2218cc717b85af0b12ba922abf415c2ff4716f8219%22" target="_blank">com.github.junrar:junrar:0.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="curvesapi-1.03.jar"><a href="#l25_6b0977602901464b056959027fdf2396050f9dd2">curvesapi-1.03.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.github.virtuald:curvesapi:1.03">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%226b0977602901464b056959027fdf2396050f9dd2%22" target="_blank">com.github.virtuald:curvesapi:1.03</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="gson-2.2.4.jar"><a href="#l26_a60a5e993c98c864010053cb901b7eab25306568">gson-2.2.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.google.code.gson:gson:2.2.4">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/google/code/gson/gson/2.2.4/gson-2.2.4.jar" target="_blank">com.google.code.gson:gson:2.2.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="guava-21.0.jar"><a href="#l27_3a3d111be1be1b745edfa7d91678a12d7ed38709">guava-21.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.google.guava:guava:21.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223a3d111be1be1b745edfa7d91678a12d7ed38709%22" target="_blank">com.google.guava:guava:21.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="protobuf-java-2.5.0.jar"><a href="#l28_a10732c76bfacdbd633a7eb0f7968b1059a65dfa">protobuf-java-2.5.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.google.protobuf:protobuf-java:2.5.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a10732c76bfacdbd633a7eb0f7968b1059a65dfa%22" target="_blank">com.google.protobuf:protobuf-java:2.5.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="core-3.2.1.jar"><a href="#l29_2287494d4f5f9f3a9a2bb6980e3f32053721b315">core-3.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.google.zxing:core:3.2.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222287494d4f5f9f3a9a2bb6980e3f32053721b315%22" target="_blank">com.google.zxing:core:3.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="concurrentlinkedhashmap-lru-1.0.jar"><a href="#l30_db7b7a28b835db4717d4aaf31f5d4441887a6d46">concurrentlinkedhashmap-lru-1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22db7b7a28b835db4717d4aaf31f5d4441887a6d46%22" target="_blank">com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ez-vcard-0.9.10.jar"><a href="#l31_1997520f849718ec99a92aa67c17e408e5cca32a">ez-vcard-0.9.10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.googlecode.ez-vcard:ez-vcard:0.9.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221997520f849718ec99a92aa67c17e408e5cca32a%22" target="_blank">com.googlecode.ez-vcard:ez-vcard:0.9.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="json-simple-1.1.1.jar"><a href="#l32_c9ad4a0850ab676c5c64461a05ca524cdfff59f1">json-simple-1.1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.googlecode.json-simple:json-simple:1.1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22c9ad4a0850ab676c5c64461a05ca524cdfff59f1%22" target="_blank">com.googlecode.json-simple:json-simple:1.1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="juniversalchardet-1.0.3.jar"><a href="#l33_cd49678784c46aa8789c060538e0154013bb421b">juniversalchardet-1.0.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.googlecode.juniversalchardet:juniversalchardet:1.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22cd49678784c46aa8789c060538e0154013bb421b%22" target="_blank">com.googlecode.juniversalchardet:juniversalchardet:1.0.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="isoparser-1.0.2.jar"><a href="#l34_6d9a5c5814ec67178dd1d5a25bae874d4697a5b8">isoparser-1.0.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.googlecode.mp4parser:isoparser:1.0.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%226d9a5c5814ec67178dd1d5a25bae874d4697a5b8%22" target="_blank">com.googlecode.mp4parser:isoparser:1.0.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="owasp-java-html-sanitizer-20160628.1.jar"><a href="#l35_bf17ddc1f7c0b37157f59fa0d32a46e47b07efb3">owasp-java-html-sanitizer-20160628.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20160628.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22bf17ddc1f7c0b37157f59fa0d32a46e47b07efb3%22" target="_blank">com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20160628.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackcess-encrypt-2.1.1.jar"><a href="#l36_effacd7133ab76ee54c0488dd952b177bfeb85a3">jackcess-encrypt-2.1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.healthmarketscience.jackcess:jackcess-encrypt:2.1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22effacd7133ab76ee54c0488dd952b177bfeb85a3%22" target="_blank">com.healthmarketscience.jackcess:jackcess-encrypt:2.1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackcess-2.1.2.jar"><a href="#l37_b7f61fbb78919cb851868ce177d8fe626a6b4370">jackcess-2.1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.healthmarketscience.jackcess:jackcess:2.1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b7f61fbb78919cb851868ce177d8fe626a6b4370%22" target="_blank">com.healthmarketscience.jackcess:jackcess:2.1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="icu4j-57.1.jar"><a href="#l38_198ea005f41219f038f4291f0b0e9f3259730e92">icu4j-57.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:icu_project:international_components_for_unicode:57.1">
                                                                                                                                                                                                                                                                                                                                cpe:/a:icu_project:international_components_for_unicode:57.1
                                                                                                                                                                            </td>
                                                <td data-sort-value="com.ibm.icu:icu4j:57.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/ibm/icu/icu4j/57.1/icu4j-57.1.jar" target="_blank">com.ibm.icu:icu4j:57.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="itext-2.1.7.jar"><a href="#l39_892bfb3e97074a61123b3b2d7caa2db112750864">itext-2.1.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.lowagie:itext:2.1.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/lowagie/itext/2.1.7/itext-2.1.7.jar" target="_blank">com.lowagie:itext:2.1.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="java-libpst-0.8.1.jar"><a href="#l40_ad31986653dac9cb5132ea5b2999c20b4b286255">java-libpst-0.8.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.pff:java-libpst:0.8.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ad31986653dac9cb5132ea5b2999c20b4b286255%22" target="_blank">com.pff:java-libpst:0.8.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="rome-utils-1.5.1.jar"><a href="#l41_3a3d6473a2f5d55fb31bf6c269af963fdea13b54">rome-utils-1.5.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.rometools:rome-utils:1.5.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223a3d6473a2f5d55fb31bf6c269af963fdea13b54%22" target="_blank">com.rometools:rome-utils:1.5.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="rome-1.5.1.jar"><a href="#l42_cc3489f066749bede7fc81f4e80c0d8c9534a210">rome-1.5.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.rometools:rome:1.5.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22cc3489f066749bede7fc81f4e80c0d8c9534a210%22" target="_blank">com.rometools:rome:1.5.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="javax.mail-1.5.1.jar"><a href="#l43_9724dd44f1abbba99c9858aa05fc91d53f59e7a5">javax.mail-1.5.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:sun:javamail:1.5.1">
                                                                                                                                                                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Asun%3Ajavamail" target="_blank">cpe:/a:sun:javamail:1.5.1</a>
                                                                                                                                                                            </td>
                                                <td data-sort-value="com.sun.mail:javax.mail:1.5.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%229724dd44f1abbba99c9858aa05fc91d53f59e7a5%22" target="_blank">com.sun.mail:javax.mail:1.5.1</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="50.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="3">LOW</td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="com.springsource.com.sun.syndication-0.9.0.jar"><a href="#l44_2c8daab3471d3060d115cdcf4af2a88cb04744c1">com.springsource.com.sun.syndication-0.9.0.jar</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jaxb-impl-2.1.9.jar"><a href="#l45_9c137963871ba7296643806b01083e4cf1703769">jaxb-impl-2.1.9.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.sun.xml.bind:jaxb-impl:2.1.9">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/sun/xml/bind/jaxb-impl/2.1.9/jaxb-impl-2.1.9.jar" target="_blank">com.sun.xml.bind:jaxb-impl:2.1.9</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="t-digest-3.1.jar"><a href="#l46_451ed219688aed5821a789428fd5e10426d11312">t-digest-3.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.tdunning:t-digest:3.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22451ed219688aed5821a789428fd5e10426d11312%22" target="_blank">com.tdunning:t-digest:3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xstream-1.4.9.jar"><a href="#l47_c43f6e6bfa79b56e04a8898a923c3cf7144dd460">xstream-1.4.9.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.thoughtworks.xstream:xstream:1.4.9">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22c43f6e6bfa79b56e04a8898a923c3cf7144dd460%22" target="_blank">com.thoughtworks.xstream:xstream:1.4.9</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>33</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="commons-beanutils-core-1.8.0.jar"><a href="#l48_175dc721f87e4bc5cc0573f990e28c3cf9117508">commons-beanutils-core-1.8.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons_beanutils:1.8.0">
                                                                                                                                                                                                                                                                                                                                cpe:/a:apache:commons_beanutils:1.8.0
                                                                                                                                                                            </td>
                                                <td data-sort-value="commons-beanutils:commons-beanutils-core:1.8.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=commons-beanutils/commons-beanutils-core/1.8.0/commons-beanutils-core-1.8.0.jar" target="_blank">commons-beanutils:commons-beanutils-core:1.8.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>1</td>
                        <td data-sort-value="3">LOW</td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-beanutils-1.9.2.jar"><a href="#l49_7a87d845ad3a155297e8f67d9008f4c1e5656b71">commons-beanutils-1.9.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons_beanutils:1.9.2">
                                                                                                                                                                                                                                                                                                                                cpe:/a:apache:commons_beanutils:1.9.2
                                                                                                                                                                            </td>
                                                <td data-sort-value="commons-beanutils:commons-beanutils:1.9.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%227a87d845ad3a155297e8f67d9008f4c1e5656b71%22" target="_blank">commons-beanutils:commons-beanutils:1.9.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-cli-1.3.1.jar"><a href="#l50_1303efbc4b181e5a58bf2e967dc156a3132b97c0">commons-cli-1.3.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-cli:commons-cli:1.3.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221303efbc4b181e5a58bf2e967dc156a3132b97c0%22" target="_blank">commons-cli:commons-cli:1.3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-codec-1.10.jar"><a href="#l51_4b95f4897fa13f2cd904aee711aeafc0c5295cd8">commons-codec-1.10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-codec:commons-codec:1.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%224b95f4897fa13f2cd904aee711aeafc0c5295cd8%22" target="_blank">commons-codec:commons-codec:1.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-collections-3.2.2.jar"><a href="#l52_8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5">commons-collections-3.2.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons_collections:3.2.2">
                                                                                                                                                                                                                                                                                                                                cpe:/a:apache:commons_collections:3.2.2
                                                                                                                                                                            </td>
                                                <td data-sort-value="commons-collections:commons-collections:3.2.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%228ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5%22" target="_blank">commons-collections:commons-collections:3.2.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-configuration-1.6.jar"><a href="#l53_32cadde23955d7681b0d94a2715846d20b425235">commons-configuration-1.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-configuration:commons-configuration:1.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2232cadde23955d7681b0d94a2715846d20b425235%22" target="_blank">commons-configuration:commons-configuration:1.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-digester-1.8.1.jar"><a href="#l54_3dec9b9c7ea9342d4dbe8c38560080d85b44a015">commons-digester-1.8.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-digester:commons-digester:1.8.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223dec9b9c7ea9342d4dbe8c38560080d85b44a015%22" target="_blank">commons-digester:commons-digester:1.8.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-discovery-0.5.jar"><a href="#l55_3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8">commons-discovery-0.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-discovery:commons-discovery:0.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8%22" target="_blank">commons-discovery:commons-discovery:0.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-fileupload-1.3.1.jar"><a href="#l56_c621b54583719ac0310404463d6d99db27e1052c">commons-fileupload-1.3.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons_fileupload:1.3.1">
                                                                                                                                                                                                                                                                                                                                cpe:/a:apache:commons_fileupload:1.3.1
                                                                                                                                                                            </td>
                                                <td data-sort-value="commons-fileupload:commons-fileupload:1.3.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22c621b54583719ac0310404463d6d99db27e1052c%22" target="_blank">commons-fileupload:commons-fileupload:1.3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>26</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="commons-httpclient-3.1.jar"><a href="#l57_964cd74171f427720480efdec40a7c7f6e58426a">commons-httpclient-3.1.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons-httpclient:3.1cpe:/a:apache:httpclient:3.1">
                                                                                                                                                                                                                                                                                                                                cpe:/a:apache:commons-httpclient:3.1
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:apache:httpclient:3.1
                                                                                                                                            </td>
                                                <td data-sort-value="commons-httpclient:commons-httpclient:3.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar" target="_blank">commons-httpclient:commons-httpclient:3.1</a>
                                                </td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>3</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-io-2.5.jar"><a href="#l58_2852e6e05fbb95076fc091f6d1780f1f8fe35e0f">commons-io-2.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-io:commons-io:2.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222852e6e05fbb95076fc091f6d1780f1f8fe35e0f%22" target="_blank">commons-io:commons-io:2.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-lang-2.6.jar"><a href="#l59_0ce1edb914c94ebc388f086c6827e8bdeec71ac2">commons-lang-2.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-lang:commons-lang:2.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%220ce1edb914c94ebc388f086c6827e8bdeec71ac2%22" target="_blank">commons-lang:commons-lang:2.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-logging-api-1.1.jar"><a href="#l60_7d4cf5231d46c8524f9b9ed75bb2d1c69ab93322">commons-logging-api-1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-logging:commons-logging-api:1.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar" target="_blank">commons-logging:commons-logging-api:1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-logging-1.2.jar"><a href="#l61_4bfc12adfe4842bf07b657f0369c4cb522955686">commons-logging-1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-logging:commons-logging:1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%224bfc12adfe4842bf07b657f0369c4cb522955686%22" target="_blank">commons-logging:commons-logging:1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-net-3.3.jar"><a href="#l62_cd0d5510908225f76c5fe5a3f1df4fa44866f81e">commons-net-3.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-net:commons-net:3.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22cd0d5510908225f76c5fe5a3f1df4fa44866f81e%22" target="_blank">commons-net:commons-net:3.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-validator-1.5.1.jar"><a href="#l63_86d05a46e8f064b300657f751b5a98c62807e2a0">commons-validator-1.5.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-validator:commons-validator:1.5.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2286d05a46e8f064b300657f751b5a98c62807e2a0%22" target="_blank">commons-validator:commons-validator:1.5.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="boilerpipe-1.1.0.jar"><a href="#l64_f62cb75ed52455a9e68d1d05b84c500673340eb2">boilerpipe-1.1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="de.l3s.boilerpipe:boilerpipe:1.1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=de/l3s/boilerpipe/boilerpipe/1.1.0/boilerpipe-1.1.0.jar" target="_blank">de.l3s.boilerpipe:boilerpipe:1.1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="juel-impl-2.2.7.jar"><a href="#l65_97958467acef4c2b230b72354a4eefc66628dd99">juel-impl-2.2.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="de.odysseus.juel:juel-impl:2.2.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=de/odysseus/juel/juel-impl/2.2.7/juel-impl-2.2.7.jar" target="_blank">de.odysseus.juel:juel-impl:2.2.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="juel-spi-2.2.7.jar"><a href="#l66_ca146332a93720784f24a5a24bb71c6d545133bd">juel-spi-2.2.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="de.odysseus.juel:juel-spi:2.2.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=de/odysseus/juel/juel-spi/2.2.7/juel-spi-2.2.7.jar" target="_blank">de.odysseus.juel:juel-spi:2.2.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="dom4j-1.6.1.jar"><a href="#l67_5d3ccc056b6f056dbf0dddfdf43894b9065a8f94">dom4j-1.6.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="dom4j:dom4j:1.6.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=dom4j/dom4j/1.6.1/dom4j-1.6.1.jar" target="_blank">dom4j:dom4j:1.6.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="cdm-4.5.5.jar"><a href="#l68_af1748a3d024069cb7fd3fc2591efe806c914589">cdm-4.5.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="edu.ucar:cdm:4.5.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22af1748a3d024069cb7fd3fc2591efe806c914589%22" target="_blank">edu.ucar:cdm:4.5.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="grib-4.5.5.jar"><a href="#l69_cfe552910e9a8d57ce71134796abb281a74ead16">grib-4.5.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="edu.ucar:grib:4.5.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22cfe552910e9a8d57ce71134796abb281a74ead16%22" target="_blank">edu.ucar:grib:4.5.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="httpservices-4.5.5.jar"><a href="#l70_ee5f217be599e5e03f7f0e55e03f9e721a154f62">httpservices-4.5.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="edu.ucar:httpservices:4.5.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ee5f217be599e5e03f7f0e55e03f9e721a154f62%22" target="_blank">edu.ucar:httpservices:4.5.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jj2000-5.2.jar"><a href="#l71_b857c9bdf12fe17d8ef98218eaa39e6a0c6ff493">jj2000-5.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="edu.ucar:jj2000:5.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b857c9bdf12fe17d8ef98218eaa39e6a0c6ff493%22" target="_blank">edu.ucar:jj2000:5.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="netcdf4-4.5.5.jar"><a href="#l72_0675d63ecc857c50dd50858011b670160aa30b62">netcdf4-4.5.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="edu.ucar:netcdf4:4.5.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%220675d63ecc857c50dd50858011b670160aa30b62%22" target="_blank">edu.ucar:netcdf4:4.5.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="udunits-4.5.5.jar"><a href="#l73_d8c8d65ade13666eedcf764889c69321c247f153">udunits-4.5.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="edu.ucar:udunits:4.5.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22d8c8d65ade13666eedcf764889c69321c247f153%22" target="_blank">edu.ucar:udunits:4.5.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="slice-0.10.jar"><a href="#l74_159a81631ed2cc1bc865f3d8e51239c9e8a20bea">slice-0.10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="io.airlift:slice:0.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22159a81631ed2cc1bc865f3d8e51239c9e8a20bea%22" target="_blank">io.airlift:slice:0.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="activation-1.1.jar"><a href="#l75_e6cb541461c2834bdea3eb920f1884d1eb508b50">activation-1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.activation:activation:1.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=javax/activation/activation/1.1/activation-1.1.jar" target="_blank">javax.activation:activation:1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="javax.annotation-api-1.2.jar"><a href="#l76_479c1e06db31c432330183f5cae684163f186146">javax.annotation-api-1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.annotation:javax.annotation-api:1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22479c1e06db31c432330183f5cae684163f186146%22" target="_blank">javax.annotation:javax.annotation-api:1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="javax.el-api-3.0.1-b04.jar"><a href="#l77_8c0c970b8deae5054ff0bf4b17979c8181a506d3">javax.el-api-3.0.1-b04.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:oracle:glassfish:3.0.1.b04">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aoracle%3Aglassfish" target="_blank">cpe:/a:oracle:glassfish:3.0.1.b04</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="javax.el:javax.el-api:3.0.1-b04">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%228c0c970b8deae5054ff0bf4b17979c8181a506d3%22" target="_blank">javax.el:javax.el-api:3.0.1-b04</a>
                                                </td>
                                                                                                                                                                                                            <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jsr-275-0.9.3.jar"><a href="#l78_ab2fb094fc5297ae5636ef6ed0d6051d5a656588">jsr-275-0.9.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.measure:jsr-275:0.9.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ab2fb094fc5297ae5636ef6ed0d6051d5a656588%22" target="_blank">javax.measure:jsr-275:0.9.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="persistence-api-1.0.jar"><a href="#l79_5725f57873e05e068803e2bf9d5a8ea3740ffec5">persistence-api-1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.persistence:persistence-api:1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=javax/persistence/persistence-api/1.0/persistence-api-1.0.jar" target="_blank">javax.persistence:persistence-api:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="javax.servlet.jsp-api-2.3.0.jar"><a href="#l80_3795334f4306b194003e16dfba4111a0467a49bd">javax.servlet.jsp-api-2.3.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.servlet.jsp:javax.servlet.jsp-api:2.3.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223795334f4306b194003e16dfba4111a0467a49bd%22" target="_blank">javax.servlet.jsp:javax.servlet.jsp-api:2.3.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="javax.servlet-api-3.1.0.jar"><a href="#l81_3cd63d075497751784b2fa84be59432f4905bf7c">javax.servlet-api-3.1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.servlet:javax.servlet-api:3.1.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223cd63d075497751784b2fa84be59432f4905bf7c%22" target="_blank">javax.servlet:javax.servlet-api:3.1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="servlet-api-2.4.jar"><a href="#l82_3fc542fe8bb8164e8d3e840fe7403bc0518053c0">servlet-api-2.4.jar</a></td>
                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.servlet:servlet-api:2.4">                                                        <a href="http://search.maven.org/remotecontent?filepath=javax/servlet/servlet-api/2.4/servlet-api-2.4.jar" target="_blank">javax.servlet:servlet-api:2.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jta-1.0.1B.jar"><a href="#l83_3dd157a4f4fe115ac5d165d6c21463d0ce9e3c7b">jta-1.0.1B.jar</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>4</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="javax.ws.rs-api-2.0.1.jar"><a href="#l84_104e9c2b5583cfcfeac0402316221648d6d8ea6b">javax.ws.rs-api-2.0.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.ws.rs:javax.ws.rs-api:2.0.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22104e9c2b5583cfcfeac0402316221648d6d8ea6b%22" target="_blank">javax.ws.rs:javax.ws.rs-api:2.0.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jsr311-api-1.1.1.jar"><a href="#l85_59033da2a1afd56af1ac576750a8d0b1830d59e6">jsr311-api-1.1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.ws.rs:jsr311-api:1.1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2259033da2a1afd56af1ac576750a8d0b1830d59e6%22" target="_blank">javax.ws.rs:jsr311-api:1.1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jaxb-api-2.1.jar"><a href="#l86_0b2dfeed54ac106bcd714ba59c1f52ef9167d56e">jaxb-api-2.1.jar</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>9</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="stax-api-1.0-2.jar"><a href="#l87_d6337b0de8b25e53e81b922352fbea9f9f57ba0b">stax-api-1.0-2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="javax.xml.stream:stax-api:1.0-2">                                                        <a href="http://search.maven.org/remotecontent?filepath=javax/xml/stream/stax-api/1.0-2/stax-api-1.0-2.jar" target="_blank">javax.xml.stream:stax-api:1.0-2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmldsig-1.0.jar"><a href="#l88_9312ad67022b4dec8df8689d0b7dbac9cd612525">xmldsig-1.0.jar</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jaxen-1.1.6.jar"><a href="#l89_3f8c36d9a0578e8e98f030c662b69888b1430ac0">jaxen-1.1.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="jaxen:jaxen:1.1.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223f8c36d9a0578e8e98f030c662b69888b1430ac0%22" target="_blank">jaxen:jaxen:1.1.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jdom-1.0.jar"><a href="#l90_a2ac1cd690ab4c80defe7f9bce14d35934c35cec">jdom-1.0.jar</a></td>
                                                                                                                                                                                <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.sun.phobos:jdom:1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=com/sun/phobos/jdom/1.0/jdom-1.0.jar" target="_blank">com.sun.phobos:jdom:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>40</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="joda-time-2.2.jar"><a href="#l91_a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d">joda-time-2.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="joda-time:joda-time:2.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d%22" target="_blank">joda-time:joda-time:2.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="junit-dep-4.10.jar"><a href="#l92_64417b3bafdecd366afa514bd5beeae6c1f85ece">junit-dep-4.10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="junit:junit-dep:4.10">                                                        <a href="http://search.maven.org/remotecontent?filepath=junit/junit-dep/4.10/junit-dep-4.10.jar" target="_blank">junit:junit-dep:4.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="junit-3.8.2.jar"><a href="#l93_07e4cde26b53a9a0e3fe5b00d1dbbc7cc1d46060">junit-3.8.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="junit:junit:3.8.2">                                                        <a href="http://search.maven.org/remotecontent?filepath=junit/junit/3.8.2/junit-3.8.2.jar" target="_blank">junit:junit:3.8.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="junit-4.12.jar"><a href="#l94_2973d150c0dc1fefe998f834810d68f278ea58ec">junit-4.12.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="junit:junit:4.12">                                                        <a href="http://search.maven.org/remotecontent?filepath=junit/junit/4.12/junit-4.12.jar" target="_blank">junit:junit:4.12</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="log4j-1.2.17.jar"><a href="#l95_5af35056b4d257e4b64b9e8069c0746e8b08629f">log4j-1.2.17.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="log4j:log4j:1.2.17">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%225af35056b4d257e4b64b9e8069c0746e8b08629f%22" target="_blank">log4j:log4j:1.2.17</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ical4j-1.0-rc3-atlassian-11.jar"><a href="#l96_cc4aa02f5cc8773876aad173517d20438b1b60ea">ical4j-1.0-rc3-atlassian-11.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11">                            net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="jna-4.1.0.jar"><a href="#l97_1c12d070e602efd8021891cdd7fd18bc129372d4">jna-4.1.0.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:sun:linux:4.1.0cpe:/a:sun:sunos:4.1.0">
                                                                                                                                                                                cpe:/a:sun:linux:4.1.0
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:sun:sunos:4.1.0
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="net.java.dev.jna:jna:4.1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/java/dev/jna/jna/4.1.0/jna-4.1.0.jar" target="_blank">net.java.dev.jna:jna:4.1.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="72.0">
                                                    High
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jna-4.1.0.jar: jnidispatch.dll"><a href="#l98_67167f2b2fce8db5f9f64a372b0da54730d3ee51">jna-4.1.0.jar: jnidispatch.dll</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>1</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jna-4.1.0.jar: jnidispatch.dll"><a href="#l99_bd1bdda9a91f3b0d9067e323f7394bef933f81f6">jna-4.1.0.jar: jnidispatch.dll</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>1</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jna-4.1.0.jar: jnidispatch.dll"><a href="#l100_8b32cc82740fc62afdf5ea211f1ca8bb72269bbf">jna-4.1.0.jar: jnidispatch.dll</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>1</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jcip-annotations-1.0.jar"><a href="#l101_afba4942caaeaf46aab0b976afd57cc7c181467e">jcip-annotations-1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.jcip:jcip-annotations:1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/jcip/jcip-annotations/1.0/jcip-annotations-1.0.jar" target="_blank">net.jcip:jcip-annotations:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="barcode4j-fop-ext-2.1.jar"><a href="#l102_38749ed6e6412628c45d5ba344a0ab796e6807f9">barcode4j-fop-ext-2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sf.barcode4j:barcode4j-fop-ext:2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/sf/barcode4j/barcode4j-fop-ext/2.1/barcode4j-fop-ext-2.1.jar" target="_blank">net.sf.barcode4j:barcode4j-fop-ext:2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="barcode4j-2.1.jar"><a href="#l103_4b38b2219c0d522fcea8238493f2ea3e238ef529">barcode4j-2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sf.barcode4j:barcode4j:2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/sf/barcode4j/barcode4j/2.1/barcode4j-2.1.jar" target="_blank">net.sf.barcode4j:barcode4j:2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ehcache-core-2.6.2.jar"><a href="#l104_3baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86">ehcache-core-2.6.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sf.ehcache:ehcache-core:2.6.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86%22" target="_blank">net.sf.ehcache:ehcache-core:2.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ehcache-core-2.6.2.jar: sizeof-agent.jar"><a href="#l105_e86399a80ae6a6c7a563717eaa0ce9ba4708571c">ehcache-core-2.6.2.jar: sizeof-agent.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sf.ehcache:sizeof-agent:1.0.1">                            net.sf.ehcache:sizeof-agent:1.0.1
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ehcache-1.2.3.jar"><a href="#l106_461752b4e3d73a5815737df243782ac70112b489">ehcache-1.2.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sf.ehcache:ehcache:1.2.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/sf/ehcache/ehcache/1.2.3/ehcache-1.2.3.jar" target="_blank">net.sf.ehcache:ehcache:1.2.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jwnl-1.3.3.jar"><a href="#l107_7108e5b6a8875fe0488d942238575407c7ab8649">jwnl-1.3.3.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:wordnet:wordnet:1.3.3">
                                                                                                                                                                                cpe:/a:wordnet:wordnet:1.3.3
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="net.sf.jwordnet:jwnl:1.3.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/sf/jwordnet/jwnl/1.3.3/jwnl-1.3.3.jar" target="_blank">net.sf.jwordnet:jwnl:1.3.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jmatio-1.0.jar"><a href="#l108_df72993ea17d34c3bacd983558d2970a866abaf6">jmatio-1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sourceforge.jmatio:jmatio:1.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22df72993ea17d34c3bacd983558d2970a866abaf6%22" target="_blank">net.sourceforge.jmatio:jmatio:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="nekohtml-1.9.12.jar"><a href="#l109_6b58cfa01218d900a5c5996b82b52cffab981c0a">nekohtml-1.9.12.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="net.sourceforge.nekohtml:nekohtml:1.9.12">                                                        <a href="http://search.maven.org/remotecontent?filepath=net/sourceforge/nekohtml/nekohtml/1.9.12/nekohtml-1.9.12.jar" target="_blank">net.sourceforge.nekohtml:nekohtml:1.9.12</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ognl-2.6.9.jar"><a href="#l110_fad9692184899994e977b647998f9fa4a9cfec35">ognl-2.6.9.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="ognl:ognl:2.6.9">                                                        <a href="http://search.maven.org/remotecontent?filepath=ognl/ognl/2.6.9/ognl-2.6.9.jar" target="_blank">ognl:ognl:2.6.9</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="antlr4-runtime-4.5.1-1.jar"><a href="#l111_66144204f9d6d7d3f3f775622c2dd7e9bd511d97">antlr4-runtime-4.5.1-1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.antlr:antlr4-runtime:4.5.1-1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2266144204f9d6d7d3f3f775622c2dd7e9bd511d97%22" target="_blank">org.antlr:antlr4-runtime:4.5.1-1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ant-junit-1.9.0.jar"><a href="#l112_cc83eb94ddcef9c12d5ede5feac3f31a3d320e82">ant-junit-1.9.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ant:ant-junit:1.9.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-junit/1.9.0/ant-junit-1.9.0.jar" target="_blank">org.apache.ant:ant-junit:1.9.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ant-junit-1.9.7.jar"><a href="#l113_12629dc0fe3bc89199f83c1cbf7f844f2d0801de">ant-junit-1.9.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ant:ant-junit:1.9.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-junit/1.9.7/ant-junit-1.9.7.jar" target="_blank">org.apache.ant:ant-junit:1.9.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ant-launcher-1.9.0.jar"><a href="#l114_a76484a4e3a893dd0ee018afef34f74df8e4ef6c">ant-launcher-1.9.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ant:ant-launcher:1.9.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-launcher/1.9.0/ant-launcher-1.9.0.jar" target="_blank">org.apache.ant:ant-launcher:1.9.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ant-launcher-1.9.7.jar"><a href="#l115_224857a490283e72da13ffe3082dea62c558ec76">ant-launcher-1.9.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ant:ant-launcher:1.9.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-launcher/1.9.7/ant-launcher-1.9.7.jar" target="_blank">org.apache.ant:ant-launcher:1.9.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ant-1.9.0.jar"><a href="#l116_d667bc2c030a338720bfcf794d2189ea5c663b9e">ant-1.9.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ant:ant:1.9.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant/1.9.0/ant-1.9.0.jar" target="_blank">org.apache.ant:ant:1.9.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ant-1.9.7.jar"><a href="#l117_3b2a10512ee6537d3852c9b693a0284dcab5de68">ant-1.9.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ant:ant:1.9.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant/1.9.7/ant-1.9.7.jar" target="_blank">org.apache.ant:ant:1.9.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="avalon-framework-api-4.3.1.jar"><a href="#l118_2dacadeb49bc14420990b1f28897d46f96e2181d">avalon-framework-api-4.3.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.avalon.framework:avalon-framework-api:4.3.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222dacadeb49bc14420990b1f28897d46f96e2181d%22" target="_blank">org.apache.avalon.framework:avalon-framework-api:4.3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="avalon-framework-impl-4.3.1.jar"><a href="#l119_2d5f5a07fd14513ce6d7a7bfaff69419c26dbd0b">avalon-framework-impl-4.3.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.avalon.framework:avalon-framework-impl:4.3.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222d5f5a07fd14513ce6d7a7bfaff69419c26dbd0b%22" target="_blank">org.apache.avalon.framework:avalon-framework-impl:4.3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="axis2-kernel-1.7.1.jar"><a href="#l120_839abf2a83ab7aa225e4d4f8dd4236803ef977a0">axis2-kernel-1.7.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:axis2:1.7.1">
                                                                                                                                                                                cpe:/a:apache:axis2:1.7.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.axis2:axis2-kernel:1.7.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22839abf2a83ab7aa225e4d4f8dd4236803ef977a0%22" target="_blank">org.apache.axis2:axis2-kernel:1.7.1</a>
                                                </td>
                                                                                                                                                                                                            <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="axis2-transport-http-1.7.1.jar"><a href="#l121_54b345d733908b3fc830ac87ede303ec2b7d8c3b">axis2-transport-http-1.7.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:axis2:1.7.1">
                                                                                                                                                                                cpe:/a:apache:axis2:1.7.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.axis2:axis2-transport-http:1.7.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2254b345d733908b3fc830ac87ede303ec2b7d8c3b%22" target="_blank">org.apache.axis2:axis2-transport-http:1.7.1</a>
                                                </td>
                                                                                                                                                                                                            <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="axis2-transport-local-1.7.1.jar"><a href="#l122_cfda1532e74015dd978b3d046b19a2749ac300b1">axis2-transport-local-1.7.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:axis2:1.7.1">
                                                                                                                                                                                cpe:/a:apache:axis2:1.7.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.axis2:axis2-transport-local:1.7.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22cfda1532e74015dd978b3d046b19a2749ac300b1%22" target="_blank">org.apache.axis2:axis2-transport-local:1.7.1</a>
                                                </td>
                                                                                                                                                                                                            <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="axis-1.4.jar"><a href="#l123_94a9ce681a42d0352b3ad22659f67835e560d107">axis-1.4.jar</a></td>
                                                                                                                                                                                                                                                                <td data-sort-value="cpe:/a:apache:axis:1.4">
                                                                                                                                                                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.4" target="_blank">cpe:/a:apache:axis:1.4</a>
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="axis:axis:1.4">                                                        <a href="http://search.maven.org/remotecontent?filepath=axis/axis/1.4/axis-1.4.jar" target="_blank">axis:axis:1.4</a>
                                                </td>
                                                                                                                                                                                                            <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">HIGHEST</td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-collections4-4.1.jar"><a href="#l124_a4cf4688fe1c7e3a63aa636cc96d013af537768e">commons-collections4-4.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons_collections:4.1">
                                                                                                                                                                                cpe:/a:apache:commons_collections:4.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.commons:commons-collections4:4.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a4cf4688fe1c7e3a63aa636cc96d013af537768e%22" target="_blank">org.apache.commons:commons-collections4:4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-compress-1.10.jar"><a href="#l125_5eeb27c57eece1faf2d837868aeccc94d84dcc9a">commons-compress-1.10.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:commons-compress:1.10">
                                                                                                                                                                                cpe:/a:apache:commons-compress:1.10
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.commons:commons-compress:1.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%225eeb27c57eece1faf2d837868aeccc94d84dcc9a%22" target="_blank">org.apache.commons:commons-compress:1.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-csv-1.1.jar"><a href="#l126_1eeeb118cab7ec49c9a10b478356eff108d5e87e">commons-csv-1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.commons:commons-csv:1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221eeeb118cab7ec49c9a10b478356eff108d5e87e%22" target="_blank">org.apache.commons:commons-csv:1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-dbcp2-2.1.jar"><a href="#l127_95d4eab4b67874f452a69fe84e89f2952c6c27f6">commons-dbcp2-2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.commons:commons-dbcp2:2.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2295d4eab4b67874f452a69fe84e89f2952c6c27f6%22" target="_blank">org.apache.commons:commons-dbcp2:2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-exec-1.3.jar"><a href="#l128_8dfb9facd0830a27b1b5f29f84593f0aeee7773b">commons-exec-1.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.commons:commons-exec:1.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%228dfb9facd0830a27b1b5f29f84593f0aeee7773b%22" target="_blank">org.apache.commons:commons-exec:1.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-pool2-2.3.jar"><a href="#l129_62a559a025fd890c30364296ece14643ba9c8c5b">commons-pool2-2.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.commons:commons-pool2:2.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2262a559a025fd890c30364296ece14643ba9c8c5b%22" target="_blank">org.apache.commons:commons-pool2:2.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="commons-vfs2-2.0.jar"><a href="#l130_b5af3b9c96b060d77c68fa5ac9384b402dd58013">commons-vfs2-2.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.commons:commons-vfs2:2.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b5af3b9c96b060d77c68fa5ac9384b402dd58013%22" target="_blank">org.apache.commons:commons-vfs2:2.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="curator-client-2.8.0.jar"><a href="#l131_84feebaa8526f4984566f6a32f55d7689800acf9">curator-client-2.8.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.curator:curator-client:2.8.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2284feebaa8526f4984566f6a32f55d7689800acf9%22" target="_blank">org.apache.curator:curator-client:2.8.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="curator-framework-2.8.0.jar"><a href="#l132_f8edc9156084ad19ae50ae5958bf218a08351834">curator-framework-2.8.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:zookeeper:2.8.0">
                                                                                                                                                                                cpe:/a:apache:zookeeper:2.8.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.curator:curator-framework:2.8.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22f8edc9156084ad19ae50ae5958bf218a08351834%22" target="_blank">org.apache.curator:curator-framework:2.8.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="21.0">
                                                    Low
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="curator-recipes-2.8.0.jar"><a href="#l133_c563e25fb37f85a6b029bc9746e75573640474fb">curator-recipes-2.8.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:zookeeper:2.8.0">
                                                                                                                                                                                cpe:/a:apache:zookeeper:2.8.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.curator:curator-recipes:2.8.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22c563e25fb37f85a6b029bc9746e75573640474fb%22" target="_blank">org.apache.curator:curator-recipes:2.8.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="21.0">
                                                    Low
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="cxf-core-3.0.3.jar"><a href="#l134_d1c97f02c6ca0bab8b3c5315237c510523b86310">cxf-core-3.0.3.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:cxf:3.0.3">
                                                                                                                                                                                cpe:/a:apache:cxf:3.0.3
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.cxf:cxf-core:3.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22d1c97f02c6ca0bab8b3c5315237c510523b86310%22" target="_blank">org.apache.cxf:cxf-core:3.0.3</a>
                                                </td>
                                                                                                                                                                                                                                        <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="cxf-rt-frontend-jaxrs-3.0.3.jar"><a href="#l135_284a35801aef259c0d61edb938865b5b125403ac">cxf-rt-frontend-jaxrs-3.0.3.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:cxf:3.0.3">
                                                                                                                                                                                cpe:/a:apache:cxf:3.0.3
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.cxf:cxf-rt-frontend-jaxrs:3.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22284a35801aef259c0d61edb938865b5b125403ac%22" target="_blank">org.apache.cxf:cxf-rt-frontend-jaxrs:3.0.3</a>
                                                </td>
                                                                                                                                                                                                                                        <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="cxf-rt-rs-client-3.0.3.jar"><a href="#l136_45eabb80eb52ac54111c71e0d6f34c9c93f99b0d">cxf-rt-rs-client-3.0.3.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:cxf:3.0.3">
                                                                                                                                                                                cpe:/a:apache:cxf:3.0.3
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.cxf:cxf-rt-rs-client:3.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2245eabb80eb52ac54111c71e0d6f34c9c93f99b0d%22" target="_blank">org.apache.cxf:cxf-rt-rs-client:3.0.3</a>
                                                </td>
                                                                                                                                                                                                                                        <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="cxf-rt-transports-http-3.0.3.jar"><a href="#l137_d0fe9957966496bcc9550dddfbe5100d84105d75">cxf-rt-transports-http-3.0.3.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:cxf:3.0.3">
                                                                                                                                                                                cpe:/a:apache:cxf:3.0.3
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.cxf:cxf-rt-transports-http:3.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22d0fe9957966496bcc9550dddfbe5100d84105d75%22" target="_blank">org.apache.cxf:cxf-rt-transports-http:3.0.3</a>
                                                </td>
                                                                                                                                                                                                                                        <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="derby-10.11.1.1.jar"><a href="#l138_df4b50061e8e4c348ce243b921f53ee63ba9bbe1">derby-10.11.1.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:derby:10.11.1.1">
                                                                                                                                                                                cpe:/a:apache:derby:10.11.1.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.derby:derby:10.11.1.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/derby/derby/10.11.1.1/derby-10.11.1.1.jar" target="_blank">org.apache.derby:derby:10.11.1.1</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="geronimo-transaction-3.1.1.jar"><a href="#l139_1cfdfcff3cd6a805be401946ab14213b0bad9cb4">geronimo-transaction-3.1.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:geronimo:3.1.1">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Ageronimo" target="_blank">cpe:/a:apache:geronimo:3.1.1</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.geronimo.components:geronimo-transaction:3.1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221cfdfcff3cd6a805be401946ab14213b0bad9cb4%22" target="_blank">org.apache.geronimo.components:geronimo-transaction:3.1.1</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="21.0">
                                                    Low
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-activation_1.1_spec-1.1.jar"><a href="#l140_f15af1b53fba7f23ce5e9de4fb57a88585aa9eee">geronimo-activation_1.1_spec-1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-activation_1.1_spec:1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22f15af1b53fba7f23ce5e9de4fb57a88585aa9eee%22" target="_blank">org.apache.geronimo.specs:geronimo-activation_1.1_spec:1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-j2ee-connector_1.6_spec-1.0.jar"><a href="#l141_a1a1cb635415af603ffba27987ffcd3422fb7801">geronimo-j2ee-connector_1.6_spec-1.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-j2ee-connector_1.6_spec:1.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a1a1cb635415af603ffba27987ffcd3422fb7801%22" target="_blank">org.apache.geronimo.specs:geronimo-j2ee-connector_1.6_spec:1.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-jaxrpc_1.1_spec-1.1.jar"><a href="#l142_b0b1d499b5c7f53ed65fa1aadd6cfaf743480e1b">geronimo-jaxrpc_1.1_spec-1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-jaxrpc_1.1_spec:1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b0b1d499b5c7f53ed65fa1aadd6cfaf743480e1b%22" target="_blank">org.apache.geronimo.specs:geronimo-jaxrpc_1.1_spec:1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-jms_1.1_spec-1.1.1.jar"><a href="#l143_c872b46c601d8dc03633288b81269f9e42762cea">geronimo-jms_1.1_spec-1.1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22c872b46c601d8dc03633288b81269f9e42762cea%22" target="_blank">org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-jta_1.1_spec-1.1.1.jar"><a href="#l144_aabab3165b8ea936b9360abbf448459c0d04a5a4">geronimo-jta_1.1_spec-1.1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-jta_1.1_spec:1.1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22aabab3165b8ea936b9360abbf448459c0d04a5a4%22" target="_blank">org.apache.geronimo.specs:geronimo-jta_1.1_spec:1.1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-stax-api_1.0_spec-1.0.1.jar"><a href="#l145_1c171093a8b43aa550c6050ac441abe713ebb4f2">geronimo-stax-api_1.0_spec-1.0.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-stax-api_1.0_spec:1.0.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221c171093a8b43aa550c6050ac441abe713ebb4f2%22" target="_blank">org.apache.geronimo.specs:geronimo-stax-api_1.0_spec:1.0.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geronimo-ws-metadata_2.0_spec-1.1.2.jar"><a href="#l146_7be9f049b4f0f0cf045675be5a0ff709d57cbc6a">geronimo-ws-metadata_2.0_spec-1.1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.geronimo.specs:geronimo-ws-metadata_2.0_spec:1.1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%227be9f049b4f0f0cf045675be5a0ff709d57cbc6a%22" target="_blank">org.apache.geronimo.specs:geronimo-ws-metadata_2.0_spec:1.1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hadoop-annotations-2.7.2.jar"><a href="#l147_80693ef2884927ee3c5464a7539fcfa4af382e14">hadoop-annotations-2.7.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:hadoop:2.7.2">
                                                                                                                                                                                cpe:/a:apache:hadoop:2.7.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.hadoop:hadoop-annotations:2.7.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2280693ef2884927ee3c5464a7539fcfa4af382e14%22" target="_blank">org.apache.hadoop:hadoop-annotations:2.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hadoop-auth-2.7.2.jar"><a href="#l148_bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72">hadoop-auth-2.7.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:hadoop:2.7.2">
                                                                                                                                                                                cpe:/a:apache:hadoop:2.7.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.hadoop:hadoop-auth:2.7.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72%22" target="_blank">org.apache.hadoop:hadoop-auth:2.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hadoop-common-2.7.2.jar"><a href="#l149_422eb48913fa6f81835b3192c97a576505b6c192">hadoop-common-2.7.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:hadoop:2.7.2">
                                                                                                                                                                                cpe:/a:apache:hadoop:2.7.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.hadoop:hadoop-common:2.7.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22422eb48913fa6f81835b3192c97a576505b6c192%22" target="_blank">org.apache.hadoop:hadoop-common:2.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hadoop-hdfs-2.7.2.jar"><a href="#l150_3c304b3d9227fbf8af8bc1cab013271538c3cf0a">hadoop-hdfs-2.7.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:hadoop:2.7.2">
                                                                                                                                                                                cpe:/a:apache:hadoop:2.7.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.hadoop:hadoop-hdfs:2.7.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223c304b3d9227fbf8af8bc1cab013271538c3cf0a%22" target="_blank">org.apache.hadoop:hadoop-hdfs:2.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="htrace-core-3.2.0-incubating.jar"><a href="#l151_8797cf3230f01e8724ef27a0ed565dabb6998c64">htrace-core-3.2.0-incubating.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.htrace:htrace-core:3.2.0-incubating">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/htrace/htrace-core/3.2.0-incubating/htrace-core-3.2.0-incubating.jar" target="_blank">org.apache.htrace:htrace-core:3.2.0-incubating</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml"><a href="#l152_ed8235ea6d84480833675e709b415bde24ce25f7">htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.fasterxml.jackson.core:jackson-core:2.4.0">                            com.fasterxml.jackson.core:jackson-core:2.4.0
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>9</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml"><a href="#l153_3c0d06b6c0a9f4135fcf5c5557c751c0cd066c0c">htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="com.fasterxml.jackson.core:jackson-databind:2.4.0">                            com.fasterxml.jackson.core:jackson-databind:2.4.0
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>9</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="htrace-core-3.2.0-incubating.jar\META-INF/maven/commons-logging/commons-logging/pom.xml"><a href="#l154_76672afb562b9e903674ad3a544cdf2092f1faa3">htrace-core-3.2.0-incubating.jar\META-INF/maven/commons-logging/commons-logging/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="commons-logging:commons-logging:1.1.1">                            commons-logging:commons-logging:1.1.1
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>9</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="httpclient-cache-4.4.1.jar"><a href="#l155_6c9ba9c38bca8742d5745bb27bcd4b9c7542ea24">httpclient-cache-4.4.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:httpclient:4.4.1">
                                                                                                                                                                                cpe:/a:apache:httpclient:4.4.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.httpcomponents:httpclient-cache:4.4.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%226c9ba9c38bca8742d5745bb27bcd4b9c7542ea24%22" target="_blank">org.apache.httpcomponents:httpclient-cache:4.4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="httpclient-4.4.1.jar"><a href="#l156_016d0bc512222f1253ee6b64d389c84e22f697f0">httpclient-4.4.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:httpclient:4.4.1">
                                                                                                                                                                                cpe:/a:apache:httpclient:4.4.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.httpcomponents:httpclient:4.4.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22016d0bc512222f1253ee6b64d389c84e22f697f0%22" target="_blank">org.apache.httpcomponents:httpclient:4.4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="httpcore-4.4.1.jar"><a href="#l157_f5aa318bda4c6c8d688c9d00b90681dcd82ce636">httpcore-4.4.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.httpcomponents:httpcore:4.4.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22f5aa318bda4c6c8d688c9d00b90681dcd82ce636%22" target="_blank">org.apache.httpcomponents:httpcore:4.4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="httpmime-4.4.1.jar"><a href="#l158_2f8757f5ac5e38f46c794e5229d1f3c522e9b1df">httpmime-4.4.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:httpclient:4.4.1">
                                                                                                                                                                                cpe:/a:apache:httpclient:4.4.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.httpcomponents:httpmime:4.4.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222f8757f5ac5e38f46c794e5229d1f3c522e9b1df%22" target="_blank">org.apache.httpcomponents:httpmime:4.4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="apache-mime4j-core-0.7.2.jar"><a href="#l159_a81264fe0265ebe8fd1d8128aad06dc320de6eef">apache-mime4j-core-0.7.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:james:0.7.2">
                                                                                                                                                                                cpe:/a:apache:james:0.7.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.james:apache-mime4j-core:0.7.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a81264fe0265ebe8fd1d8128aad06dc320de6eef%22" target="_blank">org.apache.james:apache-mime4j-core:0.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="apache-mime4j-dom-0.7.2.jar"><a href="#l160_1c289aa264548a0a1f1b43685a9cb2ab23f67287">apache-mime4j-dom-0.7.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:james:0.7.2">
                                                                                                                                                                                cpe:/a:apache:james:0.7.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.james:apache-mime4j-dom:0.7.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221c289aa264548a0a1f1b43685a9cb2ab23f67287%22" target="_blank">org.apache.james:apache-mime4j-dom:0.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="log4j-1.2-api-2.6.2.jar"><a href="#l161_3b4c5a8b734b6a29b2f03380535a48da6284b210">log4j-1.2-api-2.6.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.logging.log4j:log4j-1.2-api:2.6.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223b4c5a8b734b6a29b2f03380535a48da6284b210%22" target="_blank">org.apache.logging.log4j:log4j-1.2-api:2.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="log4j-api-2.6.2.jar"><a href="#l162_bd1b74a5d170686362091c7cf596bbc3adf5c09b">log4j-api-2.6.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.logging.log4j:log4j-api:2.6.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22bd1b74a5d170686362091c7cf596bbc3adf5c09b%22" target="_blank">org.apache.logging.log4j:log4j-api:2.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="log4j-core-2.6.2.jar"><a href="#l163_00a91369f655eb1639c6aece5c5eb5108db18306">log4j-core-2.6.2.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:jcore:jcore:2.6.2">
                                                                                                                                                                                cpe:/a:jcore:jcore:2.6.2
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.logging.log4j:log4j-core:2.6.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2200a91369f655eb1639c6aece5c5eb5108db18306%22" target="_blank">org.apache.logging.log4j:log4j-core:2.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="log4j-jul-2.6.2.jar"><a href="#l164_afb8205d03d7f30405b385a2b0fdf1086bc9bc2a">log4j-jul-2.6.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.logging.log4j:log4j-jul:2.6.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22afb8205d03d7f30405b385a2b0fdf1086bc9bc2a%22" target="_blank">org.apache.logging.log4j:log4j-jul:2.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="log4j-slf4j-impl-2.6.2.jar"><a href="#l165_71d6c56133e0548e07434add048d7a7a2db53512">log4j-slf4j-impl-2.6.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.logging.log4j:log4j-slf4j-impl:2.6.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2271d6c56133e0548e07434add048d7a7a2db53512%22" target="_blank">org.apache.logging.log4j:log4j-slf4j-impl:2.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-analyzers-common-6.2.1.jar"><a href="#l166_8e08c604b610cdb91b898c841e8a8254b0f020dc">lucene-analyzers-common-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-analyzers-common:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-analyzers-common/6.2.1/lucene-analyzers-common-6.2.1.jar" target="_blank">org.apache.lucene:lucene-analyzers-common:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-analyzers-kuromoji-6.2.1.jar"><a href="#l167_776bbdb9527f0a261d860b8e9c682329686c23a8">lucene-analyzers-kuromoji-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-analyzers-kuromoji:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-analyzers-kuromoji/6.2.1/lucene-analyzers-kuromoji-6.2.1.jar" target="_blank">org.apache.lucene:lucene-analyzers-kuromoji:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-analyzers-phonetic-6.2.1.jar"><a href="#l168_00bdbd633a9e54bd9e5874ac021dee34fcf7dd2b">lucene-analyzers-phonetic-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-analyzers-phonetic:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-analyzers-phonetic/6.2.1/lucene-analyzers-phonetic-6.2.1.jar" target="_blank">org.apache.lucene:lucene-analyzers-phonetic:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-backward-codecs-6.2.1.jar"><a href="#l169_44a7dc95efbf08c1bcbacef618b1b2837ca8fe01">lucene-backward-codecs-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-backward-codecs:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-backward-codecs/6.2.1/lucene-backward-codecs-6.2.1.jar" target="_blank">org.apache.lucene:lucene-backward-codecs:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-classification-6.2.1.jar"><a href="#l170_4098f194326046ad11445fe721e2c214ef0d4c8a">lucene-classification-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-classification:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-classification/6.2.1/lucene-classification-6.2.1.jar" target="_blank">org.apache.lucene:lucene-classification:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-codecs-6.2.1.jar"><a href="#l171_38f65ac4b2dd86ee99ead892693b80b2adec7aa9">lucene-codecs-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-codecs:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-codecs/6.2.1/lucene-codecs-6.2.1.jar" target="_blank">org.apache.lucene:lucene-codecs:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-core-6.2.1.jar"><a href="#l172_a1d9ed9e06072fefa13b070628269ccc0a90d7cc">lucene-core-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-core:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-core/6.2.1/lucene-core-6.2.1.jar" target="_blank">org.apache.lucene:lucene-core:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-expressions-6.2.1.jar"><a href="#l173_41a8af299cc316414d1a0202dd8adcfd7cb24378">lucene-expressions-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-expressions:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-expressions/6.2.1/lucene-expressions-6.2.1.jar" target="_blank">org.apache.lucene:lucene-expressions:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-grouping-6.2.1.jar"><a href="#l174_42565071d9389e574241e8c6b427ee6be74710de">lucene-grouping-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-grouping:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-grouping/6.2.1/lucene-grouping-6.2.1.jar" target="_blank">org.apache.lucene:lucene-grouping:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-highlighter-6.2.1.jar"><a href="#l175_e383f4f7e7cb125f5fc9a53673ad010b75b08881">lucene-highlighter-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-highlighter:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-highlighter/6.2.1/lucene-highlighter-6.2.1.jar" target="_blank">org.apache.lucene:lucene-highlighter:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-join-6.2.1.jar"><a href="#l176_1cf28b0e73e8ee49adc5665d3f4ff8ba637c82a4">lucene-join-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-join:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-join/6.2.1/lucene-join-6.2.1.jar" target="_blank">org.apache.lucene:lucene-join:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-memory-6.2.1.jar"><a href="#l177_8fc0530a1743a9e8b9e0524fcd970dc4e9f61768">lucene-memory-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-memory:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-memory/6.2.1/lucene-memory-6.2.1.jar" target="_blank">org.apache.lucene:lucene-memory:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-misc-6.2.1.jar"><a href="#l178_2c42a3de2108815591b334de27dc845304c62982">lucene-misc-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-misc:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-misc/6.2.1/lucene-misc-6.2.1.jar" target="_blank">org.apache.lucene:lucene-misc:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-queries-6.2.1.jar"><a href="#l179_d4c6985642bee49c09c158a3af6dbf790e8e6c21">lucene-queries-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-queries:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-queries/6.2.1/lucene-queries-6.2.1.jar" target="_blank">org.apache.lucene:lucene-queries:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-queryparser-6.2.1.jar"><a href="#l180_2eeedc63e931b2ed4bb5432c93cf37306730e3d2">lucene-queryparser-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-queryparser:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-queryparser/6.2.1/lucene-queryparser-6.2.1.jar" target="_blank">org.apache.lucene:lucene-queryparser:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-sandbox-6.2.1.jar"><a href="#l181_d06329b1b540b56d0cdde76dc370daa38a29ff7a">lucene-sandbox-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-sandbox:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-sandbox/6.2.1/lucene-sandbox-6.2.1.jar" target="_blank">org.apache.lucene:lucene-sandbox:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-spatial-extras-6.2.1.jar"><a href="#l182_6ef1d5bd2e1effeb4dda6e668b9ffa2dc4410e86">lucene-spatial-extras-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-spatial-extras:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-spatial-extras/6.2.1/lucene-spatial-extras-6.2.1.jar" target="_blank">org.apache.lucene:lucene-spatial-extras:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="lucene-suggest-6.2.1.jar"><a href="#l183_dbeb47e91e175ba4781fc629574977f493d3c1b2">lucene-suggest-6.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.lucene:lucene-suggest:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-suggest/6.2.1/lucene-suggest-6.2.1.jar" target="_blank">org.apache.lucene:lucene-suggest:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="maven-scm-api-1.4.jar"><a href="#l184_e294693ce217bd6f470b728127854e6ca787fd29">maven-scm-api-1.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.maven.scm:maven-scm-api:1.4">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22e294693ce217bd6f470b728127854e6ca787fd29%22" target="_blank">org.apache.maven.scm:maven-scm-api:1.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="maven-scm-provider-svn-commons-1.4.jar"><a href="#l185_54bc1dc24c5d205b4d251a83f4ea63808c21a628">maven-scm-provider-svn-commons-1.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.maven.scm:maven-scm-provider-svn-commons:1.4">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2254bc1dc24c5d205b4d251a83f4ea63808c21a628%22" target="_blank">org.apache.maven.scm:maven-scm-provider-svn-commons:1.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="maven-scm-provider-svnexe-1.4.jar"><a href="#l186_b3213b40157b701ba079b738baac391e41418c18">maven-scm-provider-svnexe-1.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.maven.scm:maven-scm-provider-svnexe:1.4">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b3213b40157b701ba079b738baac391e41418c18%22" target="_blank">org.apache.maven.scm:maven-scm-provider-svnexe:1.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="neethi-3.0.3.jar"><a href="#l187_ee37a38bbf9f355ee88ba554a85c9220b75ba500">neethi-3.0.3.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:apache_test:3.0.3">
                                                                                                                                                                                cpe:/a:apache:apache_test:3.0.3
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.neethi:neethi:3.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ee37a38bbf9f355ee88ba554a85c9220b75ba500%22" target="_blank">org.apache.neethi:neethi:3.0.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="opennlp-maxent-3.0.3.jar"><a href="#l188_55e39e6b46e71f35229cdd6950e72d8cce3b5fd4">opennlp-maxent-3.0.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.opennlp:opennlp-maxent:3.0.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2255e39e6b46e71f35229cdd6950e72d8cce3b5fd4%22" target="_blank">org.apache.opennlp:opennlp-maxent:3.0.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="opennlp-tools-1.5.3.jar"><a href="#l189_826d34168b0e4870c9f599ed7f2b8fee4194ba3b">opennlp-tools-1.5.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.opennlp:opennlp-tools:1.5.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22826d34168b0e4870c9f599ed7f2b8fee4194ba3b%22" target="_blank">org.apache.opennlp:opennlp-tools:1.5.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="fontbox-1.8.10.jar"><a href="#l190_41776c7713e3f3a1ce688bd96459fc597298c340">fontbox-1.8.10.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:font_project:font:1.8.10">
                                                                                                                                                                                cpe:/a:font_project:font:1.8.10
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.pdfbox:fontbox:1.8.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2241776c7713e3f3a1ce688bd96459fc597298c340%22" target="_blank">org.apache.pdfbox:fontbox:1.8.10</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="40.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jempbox-1.8.10.jar"><a href="#l191_40df4e4ca884aadc20b82d5abd0a3679774c55a6">jempbox-1.8.10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.pdfbox:jempbox:1.8.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2240df4e4ca884aadc20b82d5abd0a3679774c55a6%22" target="_blank">org.apache.pdfbox:jempbox:1.8.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="pdfbox-1.8.10.jar"><a href="#l192_bc5d1254495be36d0a3b3d6c35f88d05200b9311">pdfbox-1.8.10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.pdfbox:pdfbox:1.8.10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22bc5d1254495be36d0a3b3d6c35f88d05200b9311%22" target="_blank">org.apache.pdfbox:pdfbox:1.8.10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="poi-excelant-3.14.jar"><a href="#l193_49ded0a5f84a755ca7bce99ffe11fe6a972cb077">poi-excelant-3.14.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:poi:3.14">
                                                                                                                                                                                cpe:/a:apache:poi:3.14
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.poi:poi-excelant:3.14">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-excelant/3.14/poi-excelant-3.14.jar" target="_blank">org.apache.poi:poi-excelant:3.14</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="poi-ooxml-schemas-3.14.jar"><a href="#l194_97fe4bfdef7f103bfd9ec63c98ea90469afeec7b">poi-ooxml-schemas-3.14.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:poi:3.14">
                                                                                                                                                                                cpe:/a:apache:poi:3.14
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.poi:poi-ooxml-schemas:3.14">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-ooxml-schemas/3.14/poi-ooxml-schemas-3.14.jar" target="_blank">org.apache.poi:poi-ooxml-schemas:3.14</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="poi-ooxml-3.14.jar"><a href="#l195_911b3a5562b5dc4c5156d2d5f0f68a83346100d0">poi-ooxml-3.14.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:poi:3.14">
                                                                                                                                                                                cpe:/a:apache:poi:3.14
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.poi:poi-ooxml:3.14">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-ooxml/3.14/poi-ooxml-3.14.jar" target="_blank">org.apache.poi:poi-ooxml:3.14</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="poi-scratchpad-3.14.jar"><a href="#l196_3c775b327fd4d451b6fa8d6111197a2d33d1dc00">poi-scratchpad-3.14.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:poi:3.14">
                                                                                                                                                                                cpe:/a:apache:poi:3.14
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.poi:poi-scratchpad:3.14">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-scratchpad/3.14/poi-scratchpad-3.14.jar" target="_blank">org.apache.poi:poi-scratchpad:3.14</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="poi-3.14.jar"><a href="#l197_fad7ae6d2e59c59ffdb45f1981500babfa765180">poi-3.14.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:poi:3.14">
                                                                                                                                                                                cpe:/a:apache:poi:3.14
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.poi:poi:3.14">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi/3.14/poi-3.14.jar" target="_blank">org.apache.poi:poi:3.14</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlsec-1.4.3.jar"><a href="#l198_22629b7c6b25352c25be97d0839460fef58ec533">xmlsec-1.4.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.santuario:xmlsec:1.4.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/santuario/xmlsec/1.4.3/xmlsec-1.4.3.jar" target="_blank">org.apache.santuario:xmlsec:1.4.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="shiro-core-1.3.0.jar"><a href="#l199_132a275104978c049e50b73f0299da44649b36d0">shiro-core-1.3.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:shiro:1.3.0">
                                                                                                                                                                                cpe:/a:apache:shiro:1.3.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.shiro:shiro-core:1.3.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22132a275104978c049e50b73f0299da44649b36d0%22" target="_blank">org.apache.shiro:shiro-core:1.3.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="sis-metadata-0.5.jar"><a href="#l200_1bbd65e52d27b61c64944b9275c44ccd79f267a7">sis-metadata-0.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.sis.core:sis-metadata:0.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/core/sis-metadata/0.5/sis-metadata-0.5.jar" target="_blank">org.apache.sis.core:sis-metadata:0.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="sis-referencing-0.5.jar"><a href="#l201_377246c70fd858346fab8a0e554bed3b3cfcde70">sis-referencing-0.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.sis.core:sis-referencing:0.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/core/sis-referencing/0.5/sis-referencing-0.5.jar" target="_blank">org.apache.sis.core:sis-referencing:0.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="sis-utility-0.5.jar"><a href="#l202_aaea81deda0e3c7ca2602e7fb9459bcc19894ecf">sis-utility-0.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.sis.core:sis-utility:0.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/core/sis-utility/0.5/sis-utility-0.5.jar" target="_blank">org.apache.sis.core:sis-utility:0.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="sis-netcdf-0.5.jar"><a href="#l203_2b416e4506caebe7df6dd21b878dae888e0eea39">sis-netcdf-0.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.sis.storage:sis-netcdf:0.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/storage/sis-netcdf/0.5/sis-netcdf-0.5.jar" target="_blank">org.apache.sis.storage:sis-netcdf:0.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>29</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="sis-storage-0.5.jar"><a href="#l204_29d1ea6422b68fbfe1f1702f122019ae376ee2c8">sis-storage-0.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.sis.storage:sis-storage:0.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/storage/sis-storage/0.5/sis-storage-0.5.jar" target="_blank">org.apache.sis.storage:sis-storage:0.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>29</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="solr-core-6.2.1.jar"><a href="#l205_4449581b7570e576e710b0befc517d1dfc20ce63">solr-core-6.2.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:solr:6.2.1">
                                                                                                                                                                                cpe:/a:apache:solr:6.2.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.solr:solr-core:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/solr/solr-core/6.2.1/solr-core-6.2.1.jar" target="_blank">org.apache.solr:solr-core:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="solr-solrj-6.2.1.jar"><a href="#l206_2198098522110b60a5f8e3331bab7f1d0617b4eb">solr-solrj-6.2.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:solr:6.2.1">
                                                                                                                                                                                cpe:/a:apache:solr:6.2.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.solr:solr-solrj:6.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/solr/solr-solrj/6.2.1/solr-solrj-6.2.1.jar" target="_blank">org.apache.solr:solr-solrj:6.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tika-core-1.12.jar"><a href="#l207_5ab95580d22fe1dee79cffbcd98bb509a32da09b">tika-core-1.12.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tika:1.12">
                                                                                                                                                                                cpe:/a:apache:tika:1.12
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tika:tika-core:1.12">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%225ab95580d22fe1dee79cffbcd98bb509a32da09b%22" target="_blank">org.apache.tika:tika-core:1.12</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tika-parsers-1.12.jar"><a href="#l208_ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788">tika-parsers-1.12.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tika:1.12">
                                                                                                                                                                                cpe:/a:apache:tika:1.12
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tika:tika-parsers:1.12">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788%22" target="_blank">org.apache.tika:tika-parsers:1.12</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-embed-core-8.0.39.jar"><a href="#l209_c026332148ad464592cbc720a933388782c0d24a">tomcat-embed-core-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat.embed:tomcat-embed-core:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/embed/tomcat-embed-core/8.0.39/tomcat-embed-core-8.0.39.jar" target="_blank">org.apache.tomcat.embed:tomcat-embed-core:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-embed-websocket-8.0.39.jar"><a href="#l210_d71f453312b433b3e1c5a92060d145aceff1bf4d">tomcat-embed-websocket-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat.embed:tomcat-embed-websocket:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/embed/tomcat-embed-websocket/8.0.39/tomcat-embed-websocket-8.0.39.jar" target="_blank">org.apache.tomcat.embed:tomcat-embed-websocket:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="tomcat-annotations-api-8.0.39.jar"><a href="#l211_e6c758db747fea851d1204d80977837214225e6e">tomcat-annotations-api-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:3.0">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0" target="_blank">cpe:/a:apache:tomcat:3.0</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-annotations-api:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-annotations-api/8.0.39/tomcat-annotations-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-annotations-api:8.0.39</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>31</td>
                        <td data-sort-value="0">MEDIUM</td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-api-8.0.39.jar"><a href="#l212_eeee8ea81a19db788beb6a2c08c76c26ee949e77">tomcat-api-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-api:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-api/8.0.39/tomcat-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-api:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-catalina-ha-8.0.39.jar"><a href="#l213_9f8d14719f30595f02c90f4f0710e9f88d315a2f">tomcat-catalina-ha-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-catalina-ha:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-catalina-ha/8.0.39/tomcat-catalina-ha-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-catalina-ha:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-catalina-8.0.39.jar"><a href="#l214_d20f0c7ddafdf6756ac21992daff67bf11f7f8eb">tomcat-catalina-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-catalina:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-catalina/8.0.39/tomcat-catalina-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-catalina:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-coyote-8.0.39.jar"><a href="#l215_2ed123189ca313c6698ca3c6a3850cac2779f93a">tomcat-coyote-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-coyote:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-coyote/8.0.39/tomcat-coyote-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-coyote:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="tomcat-el-api-8.0.39.jar"><a href="#l216_cd9bedd6df6e9729d02bcc07e27bfe832d603a50">tomcat-el-api-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:3.0">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0" target="_blank">cpe:/a:apache:tomcat:3.0</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-el-api:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-el-api/8.0.39/tomcat-el-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-el-api:8.0.39</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>31</td>
                        <td data-sort-value="0">MEDIUM</td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-jasper-el-8.0.39.jar"><a href="#l217_cba7eee5fb858d17db7a99dc8f049a45fa91ab73">tomcat-jasper-el-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-jasper-el:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jasper-el/8.0.39/tomcat-jasper-el-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jasper-el:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-jasper-8.0.39.jar"><a href="#l218_11dd04519539203f93441e190386aef56300dd06">tomcat-jasper-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-jasper:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jasper/8.0.39/tomcat-jasper-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jasper:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-jni-8.0.39.jar"><a href="#l219_20ad922054350aac0772a77490ebe1e11d6cb273">tomcat-jni-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-jni:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jni/8.0.39/tomcat-jni-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jni:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-jsp-api-8.0.39.jar"><a href="#l220_f7a1bf2373d9d9e030e31a5745be5fda9dca1e45">tomcat-jsp-api-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-jsp-api:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jsp-api/8.0.39/tomcat-jsp-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jsp-api:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-juli-8.0.39.jar"><a href="#l221_f6fc6863d31cf8ef0d9c0d28a3de35afe712a23b">tomcat-juli-8.0.39.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-juli:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-juli/8.0.39/tomcat-juli-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-juli:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="tomcat-servlet-api-8.0.39.jar"><a href="#l222_f122b4ee5a6546132aa2c6b4c059c5b04ccfa623">tomcat-servlet-api-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:3.1">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1" target="_blank">cpe:/a:apache:tomcat:3.1</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-servlet-api:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-servlet-api/8.0.39/tomcat-servlet-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-servlet-api:8.0.39</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>32</td>
                        <td data-sort-value="0">MEDIUM</td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-tribes-8.0.39.jar"><a href="#l223_1cfffdddee4a753b25435c0b634d0f2b50df54e6">tomcat-tribes-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-tribes:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-tribes/8.0.39/tomcat-tribes-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-tribes:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-util-scan-8.0.39.jar"><a href="#l224_2d8f5be75d4edd7c29022e0cb0e0ccf1d00147aa">tomcat-util-scan-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-util-scan:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-util-scan/8.0.39/tomcat-util-scan-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-util-scan:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tomcat-util-8.0.39.jar"><a href="#l225_83729054653fa3aad57818c68f1cc491022bc814">tomcat-util-8.0.39.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tomcat:8.0.39">
                                                                                                                                                                                cpe:/a:apache:tomcat:8.0.39
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.tomcat:tomcat-util:8.0.39">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-util/8.0.39/tomcat-util-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-util:8.0.39</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="woden-core-1.0M10.jar"><a href="#l226_ffed89bc39eb7fce6b74765b3417c6844d8003a2">woden-core-1.0M10.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.woden:woden-core:1.0M10">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ffed89bc39eb7fce6b74765b3417c6844d8003a2%22" target="_blank">org.apache.woden:woden-core:1.0M10</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="axiom-api-1.2.17.jar"><a href="#l227_aaf2a6028822dd3d55a4221188ecb73d4c9e219a">axiom-api-1.2.17.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.axiom:axiom-api:1.2.17">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22aaf2a6028822dd3d55a4221188ecb73d4c9e219a%22" target="_blank">org.apache.ws.commons.axiom:axiom-api:1.2.17</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="axiom-impl-1.2.17.jar"><a href="#l228_6df316d52cfd9efc4ee155b4dff0125769af1580">axiom-impl-1.2.17.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.axiom:axiom-impl:1.2.17">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/ws/commons/axiom/axiom-impl/1.2.17/axiom-impl-1.2.17.jar" target="_blank">org.apache.ws.commons.axiom:axiom-impl:1.2.17</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/core-aspects/pom.xml"><a href="#l229_42e8d4b4f2f941ab0b50240e6b096a1151221003">axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/core-aspects/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.axiom:core-aspects:1.2.17">                            org.apache.ws.commons.axiom:core-aspects:1.2.17
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>7</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/om-aspects/pom.xml"><a href="#l230_2e08c15bd701460f07711311fad5785ecf7ad861">axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/om-aspects/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.axiom:om-aspects:1.2.17">                            org.apache.ws.commons.axiom:om-aspects:1.2.17
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>8</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/shared-aspects/pom.xml"><a href="#l231_bbe62a1404feb5cc8f9a7babbd7a12d50479144b">axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/shared-aspects/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.axiom:shared-aspects:1.2.17">                            org.apache.ws.commons.axiom:shared-aspects:1.2.17
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>8</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/xml-utils/pom.xml"><a href="#l232_dac902cf3a5280076d8a92fc9a421fe15e23a1e6">axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/xml-utils/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.axiom:xml-utils:1.2.17">                            org.apache.ws.commons.axiom:xml-utils:1.2.17
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>6</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ws-commons-util-1.0.2.jar"><a href="#l233_3f478e6def772c19d1053f61198fa1f6a6119238">ws-commons-util-1.0.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.commons.util:ws-commons-util:1.0.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%223f478e6def772c19d1053f61198fa1f6a6119238%22" target="_blank">org.apache.ws.commons.util:ws-commons-util:1.0.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlschema-core-2.2.1.jar"><a href="#l234_02eff1f3776590d4c51cc735eab2143c497329f2">xmlschema-core-2.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.ws.xmlschema:xmlschema-core:2.2.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2202eff1f3776590d4c51cc735eab2143c497329f2%22" target="_blank">org.apache.ws.xmlschema:xmlschema-core:2.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlbeans-2.6.0.jar"><a href="#l235_29e80d2dd51f9dcdef8f9ffaee0d4dc1c9bbfc87">xmlbeans-2.6.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.xmlbeans:xmlbeans:2.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlbeans/xmlbeans/2.6.0/xmlbeans-2.6.0.jar" target="_blank">org.apache.xmlbeans:xmlbeans:2.6.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-anim-1.8.jar"><a href="#l236_68197dfa3643a906ba250025a03dc42e6efe2dec">batik-anim-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-anim:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-anim/1.8/batik-anim-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-anim:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-awt-util-1.8.jar"><a href="#l237_5cd7f97060cdfab0139e70504962d48ceee71ef2">batik-awt-util-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-awt-util:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-awt-util/1.8/batik-awt-util-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-awt-util:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-bridge-1.8.jar"><a href="#l238_4ab4110b0ed4650ef50d4a344f0ca5c027f3283a">batik-bridge-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-bridge:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-bridge/1.8/batik-bridge-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-bridge:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-css-1.8.jar"><a href="#l239_2b3f22cc65702a0821b7f0178d055282a1cdde59">batik-css-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-css:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-css/1.8/batik-css-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-css:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-dom-1.8.jar"><a href="#l240_4e696cf01cee52e8c4f86c842b5d8314e689209c">batik-dom-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-dom:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-dom/1.8/batik-dom-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-dom:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-ext-1.8.jar"><a href="#l241_8713f3238cfac337624a90c3ad7d45d7bc6fb1b5">batik-ext-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-ext:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-ext/1.8/batik-ext-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-ext:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-extension-1.8.jar"><a href="#l242_c5e9e1f07a65c89d2be92fd63e1b0f64357a46db">batik-extension-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-extension:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-extension/1.8/batik-extension-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-extension:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-gvt-1.8.jar"><a href="#l243_fbde4cd3c43001c162446cf43093d09fda346e11">batik-gvt-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-gvt:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-gvt/1.8/batik-gvt-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-gvt:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-parser-1.8.jar"><a href="#l244_86ec4ab0c828b570d0ccbeba14f85ac011a333f2">batik-parser-1.8.jar</a></td>
                                                                                                                                                        <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                            </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>9</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-script-1.8.jar"><a href="#l245_5bda6a9d45065b184c83c46b64d8002b4e0ab7c7">batik-script-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-script:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-script/1.8/batik-script-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-script:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-svg-dom-1.8.jar"><a href="#l246_97c9d00d08c849066d2359b0f1124f0e82b952c2">batik-svg-dom-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-svg-dom:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-svg-dom/1.8/batik-svg-dom-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-svg-dom:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-svggen-1.8.jar"><a href="#l247_c4684e18303e931845df704f9b9f6995fd770789">batik-svggen-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-svggen:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-svggen/1.8/batik-svggen-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-svggen:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-transcoder-1.8.jar"><a href="#l248_f330b3e9946ff21ddf3ea6d4f58ae44145cfd362">batik-transcoder-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-transcoder:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-transcoder/1.8/batik-transcoder-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-transcoder:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-util-1.8.jar"><a href="#l249_35dcd204f397d6976290ca48ffa0011ba9b7ef43">batik-util-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-util:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-util/1.8/batik-util-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-util:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-xml-1.8.jar"><a href="#l250_9bf0ee759fed1e3a2e4ad41819eac69ff4873732">batik-xml-1.8.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8">
                                                                                                                                                                                cpe:/a:apache:batik:1.8
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:batik-xml:1.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-xml/1.8/batik-xml-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-xml:1.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="fop-2.1.jar"><a href="#l251_c78a1013a5de5b49a3fb1c6f3289940f44554cb6">fop-2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.xmlgraphics:fop:2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/fop/2.1/fop-2.1.jar" target="_blank">org.apache.xmlgraphics:fop:2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlgraphics-commons-2.1.jar"><a href="#l252_b61132defe1df4e91c1eb0ddf544958c50d358b5">xmlgraphics-commons-2.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:2.1">
                                                                                                                                                                                cpe:/a:apache:batik:2.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.xmlgraphics:xmlgraphics-commons:2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/xmlgraphics-commons/2.1/xmlgraphics-commons-2.1.jar" target="_blank">org.apache.xmlgraphics:xmlgraphics-commons:2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlrpc-client-3.1.2.jar"><a href="#l253_ca8c57a1c4abc23b75b15ad636b4d20274f021c2">xmlrpc-client-3.1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.xmlrpc:xmlrpc-client:3.1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ca8c57a1c4abc23b75b15ad636b4d20274f021c2%22" target="_blank">org.apache.xmlrpc:xmlrpc-client:3.1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlrpc-common-3.1.2.jar"><a href="#l254_a8b0084839aee2f48113b3dc2517b8022a5fbc0f">xmlrpc-common-3.1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.xmlrpc:xmlrpc-common:3.1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a8b0084839aee2f48113b3dc2517b8022a5fbc0f%22" target="_blank">org.apache.xmlrpc:xmlrpc-common:3.1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlrpc-server-3.1.2.jar"><a href="#l255_7e5123995d009129af3dfc663d2ec91c6541bf98">xmlrpc-server-3.1.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.apache.xmlrpc:xmlrpc-server:3.1.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%227e5123995d009129af3dfc663d2ec91c6541bf98%22" target="_blank">org.apache.xmlrpc:xmlrpc-server:3.1.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="zookeeper-3.4.6.jar"><a href="#l256_01b2502e29da1ebaade2357cd1de35a855fa3755">zookeeper-3.4.6.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:zookeeper:3.4.6">
                                                                                                                                                                                cpe:/a:apache:zookeeper:3.4.6
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.apache.zookeeper:zookeeper:3.4.6">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/apache/zookeeper/zookeeper/3.4.6/zookeeper-3.4.6.jar" target="_blank">org.apache.zookeeper:zookeeper:3.4.6</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="21.0">
                                                    Low
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="aspectjrt-1.8.0.jar"><a href="#l257_302d0fe0abba26bbf5f31c3cd5337b3125c744e3">aspectjrt-1.8.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.aspectj:aspectjrt:1.8.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/aspectj/aspectjrt/1.8.0/aspectjrt-1.8.0.jar" target="_blank">org.aspectj:aspectjrt:1.8.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="bsh-core-2.0b4.jar"><a href="#l258_495e25a99e29970ffe8ba0b1d551e1d1a9991fc1">bsh-core-2.0b4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.beanshell:bsh-core:2.0b4">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/beanshell/bsh-core/2.0b4/bsh-core-2.0b4.jar" target="_blank">org.beanshell:bsh-core:2.0b4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="bcmail-jdk15on-1.52.jar"><a href="#l259_4995a870400e1554d1c7ed2afcb5d198fae12db9">bcmail-jdk15on-1.52.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.bouncycastle:bcmail-jdk15on:1.52">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcmail-jdk15on/1.52/bcmail-jdk15on-1.52.jar" target="_blank">org.bouncycastle:bcmail-jdk15on:1.52</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>29</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="bcpkix-jdk15on-1.52.jar"><a href="#l260_b8ffac2bbc6626f86909589c8cc63637cc936504">bcpkix-jdk15on-1.52.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.bouncycastle:bcpkix-jdk15on:1.52">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcpkix-jdk15on/1.52/bcpkix-jdk15on-1.52.jar" target="_blank">org.bouncycastle:bcpkix-jdk15on:1.52</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>27</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="bcprov-jdk15on-1.52.jar"><a href="#l261_88a941faf9819d371e3174b5ed56a3f3f7d73269">bcprov-jdk15on-1.52.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.52cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.52">
                                                                                                                                                                                cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.52
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.52
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.bouncycastle:bcprov-jdk15on:1.52">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcprov-jdk15on/1.52/bcprov-jdk15on-1.52.jar" target="_blank">org.bouncycastle:bcprov-jdk15on:1.52</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>27</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="bctsp-jdk14-1.38.jar"><a href="#l262_4821122f8390d15f4b5ee652621e2a2bb1f1bf16">bctsp-jdk14-1.38.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:openpgp:openpgp:1.38cpe:/a:pgp:openpgp:1.38">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aopenpgp%3Aopenpgp" target="_blank">cpe:/a:openpgp:openpgp:1.38</a>
                                                                                                                                                                                                                                                    <br/>
                                                                                                    <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Apgp%3Aopenpgp" target="_blank">cpe:/a:pgp:openpgp:1.38</a>
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.bouncycastle:bctsp-jdk14:1.38">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bctsp-jdk14/1.38/bctsp-jdk14-1.38.jar" target="_blank">org.bouncycastle:bctsp-jdk14:1.38</a>
                                                </td>
                                                                                                                                                                                                            <td data-sort-value="50.0">
                                                    Medium
                                                </td>
                        <td>2</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="tagsoup-1.2.1.jar"><a href="#l263_5584627487e984c03456266d3f8802eb85a9ce97">tagsoup-1.2.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.ccil.cowan.tagsoup:tagsoup:1.2.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/ccil/cowan/tagsoup/tagsoup/1.2.1/tagsoup-1.2.1.jar" target="_blank">org.ccil.cowan.tagsoup:tagsoup:1.2.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="batik-all-1.8pre-r1084380.jar"><a href="#l264_2898c85b844ad4db731d8dbd7bac395bece5bead">batik-all-1.8pre-r1084380.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.8pre">
                                                                                                                                                                                cpe:/a:apache:batik:1.8pre
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380">                                                        <a href="https://search.maven.org/remotecontent?filepath=org/codeartisans/thirdparties/swing/batik-all/1.8pre-r1084380/batik-all-1.8pre-r1084380.jar" target="_blank">org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="groovy-all-2.4.5.jar"><a href="#l265_01730f61e9c9e59fd1b814371265334d7be0b8d2">groovy-all-2.4.5.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:groovy:2.4.5">
                                                                                                                                                                                cpe:/a:apache:groovy:2.4.5
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.codehaus.groovy:groovy-all:2.4.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/codehaus/groovy/groovy-all/2.4.5/groovy-all-2.4.5.jar" target="_blank">org.codehaus.groovy:groovy-all:2.4.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="plexus-utils-1.5.6.jar"><a href="#l266_8fb6b798a4036048b3005e058553bf21a87802ed">plexus-utils-1.5.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.codehaus.plexus:plexus-utils:1.5.6">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar" target="_blank">org.codehaus.plexus:plexus-utils:1.5.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="plexus-utils-1.5.6.jar\META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml"><a href="#l267_1074eabfbcbfb0decfe6f9ed0541668e114b9311">plexus-utils-1.5.6.jar\META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.codehaus.plexus:plexus-interpolation:1.0">                            org.codehaus.plexus:plexus-interpolation:1.0
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>7</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="stax2-api-3.1.4.jar"><a href="#l268_ac19014b1e6a7c08aad07fe114af792676b685b7">stax2-api-3.1.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.codehaus.woodstox:stax2-api:3.1.4">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ac19014b1e6a7c08aad07fe114af792676b685b7%22" target="_blank">org.codehaus.woodstox:stax2-api:3.1.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="woodstox-core-asl-4.4.1.jar"><a href="#l269_84fee5eb1a4a1cefe65b6883c73b3fa83be3c1a1">woodstox-core-asl-4.4.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.codehaus.woodstox:woodstox-core-asl:4.4.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/codehaus/woodstox/woodstox-core-asl/4.4.1/woodstox-core-asl-4.4.1.jar" target="_blank">org.codehaus.woodstox:woodstox-core-asl:4.4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jhighlight-1.0.2.jar"><a href="#l270_992a8a8add10468930efc1f110f2895f68258a1e">jhighlight-1.0.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.codelibs:jhighlight:1.0.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22992a8a8add10468930efc1f110f2895f68258a1e%22" target="_blank">org.codelibs:jhighlight:1.0.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="com.lowagie.text-2.1.7.jar"><a href="#l271_18d4c7c2014447eacfd00c65c717b3cfc422407b">com.lowagie.text-2.1.7.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.1.7">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.1.7
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:com.lowagie.text:2.1.7">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/com.lowagie.text/2.1.7/com.lowagie.text-2.1.7.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:com.lowagie.text:2.1.7</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="javax.wsdl-1.5.1.jar"><a href="#l272_29ec6b1964b05d6ff9728226d2a1e61fab3ac95c">javax.wsdl-1.5.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.5.1">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.5.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:javax.wsdl:1.5.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/javax.wsdl/1.5.1/javax.wsdl-1.5.1.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:javax.wsdl:1.5.1</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.bridge-1.6.0.jar"><a href="#l273_e2db6eb9029356884f123a60e9b72a51919e9a6f">org.apache.batik.bridge-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.bridge:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.bridge/1.6.0/org.apache.batik.bridge-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.bridge:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.css-1.6.0.jar"><a href="#l274_1e54558f0ad4b78f907f3461c14c7a7a91aecab2">org.apache.batik.css-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.css:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.css/1.6.0/org.apache.batik.css-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.css:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.dom.svg-1.6.0.jar"><a href="#l275_ce507ddef394d6c6771bc8692c7db6afb1da4fa0">org.apache.batik.dom.svg-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.dom.svg:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.dom.svg/1.6.0/org.apache.batik.dom.svg-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.dom.svg:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.dom-1.6.0.jar"><a href="#l276_e9fe8d31ea04c6cd566e35f61524e561821bbe57">org.apache.batik.dom-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.dom:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.dom/1.6.0/org.apache.batik.dom-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.dom:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.ext.awt-1.6.0.jar"><a href="#l277_4df20bee143553a89b26bc06411eb4dcf44ec18e">org.apache.batik.ext.awt-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.ext.awt:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.ext.awt/1.6.0/org.apache.batik.ext.awt-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.ext.awt:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.parser-1.6.0.jar"><a href="#l278_5e6dd459704dd6bd168f1b030cb739872e994339">org.apache.batik.parser-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.parser:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.parser/1.6.0/org.apache.batik.parser-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.parser:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.svggen-1.6.0.jar"><a href="#l279_05cb65af57bdfd093c47b3cf7bc8bb57e10f5451">org.apache.batik.svggen-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.svggen:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.svggen/1.6.0/org.apache.batik.svggen-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.svggen:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.transcoder-1.6.0.jar"><a href="#l280_fc5d9326a3195f15781d2fcea862ec1767e30ebf">org.apache.batik.transcoder-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.transcoder:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.transcoder/1.6.0/org.apache.batik.transcoder-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.transcoder:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.util.gui-1.6.0.jar"><a href="#l281_6afa9107935bdeede0487c770bb0537b1a341c81">org.apache.batik.util.gui-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.util.gui:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.util.gui/1.6.0/org.apache.batik.util.gui-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.util.gui:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.util-1.6.0.jar"><a href="#l282_074aafd6361820f7e67474e78b16fd4365d1a58a">org.apache.batik.util-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.util:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.util/1.6.0/org.apache.batik.util-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.util:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.batik.xml-1.6.0.jar"><a href="#l283_8b3fbec88190a39eae4de5088a1199f23526258e">org.apache.batik.xml-1.6.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:batik:1.6.0">
                                                                                                                                                                                cpe:/a:apache:batik:1.6.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.batik.xml:1.6.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.xml/1.6.0/org.apache.batik.xml-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.xml:1.6.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.commons.codec-1.3.0.jar"><a href="#l284_72c73f3729b4ca49dac8691fb5adb194e8595799">org.apache.commons.codec-1.3.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.3.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.3.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.commons.codec:1.3.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.commons.codec/1.3.0/org.apache.commons.codec-1.3.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.commons.codec:1.3.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.apache.xerces-2.9.0.jar"><a href="#l285_615a1b724b88b81e8a040ec148fd25368f7b48e5">org.apache.xerces-2.9.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.9.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.9.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.xerces:2.9.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.xerces/2.9.0/org.apache.xerces-2.9.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.xerces:2.9.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.apache.xml.resolver-1.2.0.jar"><a href="#l286_7c9c22053b04772e81dc62d665b202eeae82ae47">org.apache.xml.resolver-1.2.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.2.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.2.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.xml.resolver:1.2.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.xml.resolver/1.2.0/org.apache.xml.resolver-1.2.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.xml.resolver:1.2.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.apache.xml.serializer-2.7.1.jar"><a href="#l287_a8508e22414c8e12cdfdc42b25a7c7efa4004556">org.apache.xml.serializer-2.7.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.7.1">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.7.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.apache.xml.serializer:2.7.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.xml.serializer/2.7.1/org.apache.xml.serializer-2.7.1.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.xml.serializer:2.7.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.mozilla.javascript-1.7.2.jar"><a href="#l288_b520e18bd357a47deb2e902ce49533564236219b">org.mozilla.javascript-1.7.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.mozilla.javascript:1.7.2">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.mozilla.javascript/1.7.2/org.mozilla.javascript-1.7.2.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.mozilla.javascript:1.7.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.w3c.css.sac-1.3.0.jar"><a href="#l289_8dfb0e08c19f3b47290096d27ab71ed4f2a5000a">org.w3c.css.sac-1.3.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.3.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.3.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.w3c.css.sac:1.3.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.w3c.css.sac/1.3.0/org.w3c.css.sac-1.3.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.w3c.css.sac:1.3.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.w3c.dom.smil-1.0.0.jar"><a href="#l290_674bdda9162b48419741da833e445e190f33a58a">org.w3c.dom.smil-1.0.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.w3c.dom.smil:1.0.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.w3c.dom.smil/1.0.0/org.w3c.dom.smil-1.0.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.w3c.dom.smil:1.0.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.w3c.dom.svg-1.1.0.jar"><a href="#l291_9c6413ed43b4e9ba56982a554e03bd012cc44ed9">org.w3c.dom.svg-1.1.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.1.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.1.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:org.w3c.dom.svg:1.1.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.w3c.dom.svg/1.1.0/org.w3c.dom.svg-1.1.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.w3c.dom.svg:1.1.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="Tidy-1.jar"><a href="#l292_63b1e38f4ca630dbac3d2072cda2a9336914d10c">Tidy-1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.eclipse.birt.runtime.3_7_1:Tidy:1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/Tidy/1/Tidy-1.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:Tidy:1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="com.ibm.icu-50.1.1.v201304230130.jar"><a href="#l293_ff82137ba65f8676355452edc0ca57975d1b69f4">com.ibm.icu-50.1.1.v201304230130.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:50.1.1.v20130423">
                                                                                                                                                                                cpe:/a:eclipse:birt:50.1.1.v20130423
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:com.ibm.icu:50.1.1.v201304230130">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/com.ibm.icu/50.1.1.v201304230130/com.ibm.icu-50.1.1.v201304230130.jar" target="_blank">org.eclipse.birt.runtime:com.ibm.icu:50.1.1.v201304230130</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="javax.xml.stream-1.0.1.v201004272200.jar"><a href="#l294_3a4f0067058e2aa9af1c6e463bc8a147a99681c0">javax.xml.stream-1.0.1.v201004272200.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.1.v20100427">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.1.v20100427
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:javax.xml.stream:1.0.1.v201004272200">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/javax.xml.stream/1.0.1.v201004272200/javax.xml.stream-1.0.1.v201004272200.jar" target="_blank">org.eclipse.birt.runtime:javax.xml.stream:1.0.1.v201004272200</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.birt.runtime-4.4.1.jar"><a href="#l295_d7f5495359184868842e469c1929109a0f69d87a">org.eclipse.birt.runtime-4.4.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:4.4.1">
                                                                                                                                                                                cpe:/a:eclipse:birt:4.4.1
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.birt.runtime:4.4.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.birt.runtime/4.4.1/org.eclipse.birt.runtime-4.4.1.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.birt.runtime:4.4.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar"><a href="#l296_09a032a98b4b139fa91522b10fdc61ffa9864414">org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.4.200.v20130326">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.4.200.v20130326
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.core.contenttype:3.4.200.v20130326-1255">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.contenttype/3.4.200.v20130326-1255/org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.contenttype:3.4.200.v20130326-1255</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.core.expressions-3.4.500.v20130515-1343.jar"><a href="#l297_97cc20cce87af191fc620562ab74b1cde95947fd">org.eclipse.core.expressions-3.4.500.v20130515-1343.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.4.500.v20130515">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.4.500.v20130515
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.core.expressions:3.4.500.v20130515-1343">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.expressions/3.4.500.v20130515-1343/org.eclipse.core.expressions-3.4.500.v20130515-1343.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.expressions:3.4.500.v20130515-1343</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar"><a href="#l298_e26398a301d91db6516debe38664239481d4b309">org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.4.0.v20130514">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.4.0.v20130514
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.core.filesystem:1.4.0.v20130514-1240">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.filesystem/1.4.0.v20130514-1240/org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.filesystem:1.4.0.v20130514-1240</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.core.jobs-3.6.0.v20140424-0053.jar"><a href="#l299_e013c919510607d9c8ac5585b66ff4ee5e364ec9">org.eclipse.core.jobs-3.6.0.v20140424-0053.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.6.0.v20140424">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.6.0.v20140424
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.core.jobs:3.6.0.v20140424-0053">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.jobs/3.6.0.v20140424-0053/org.eclipse.core.jobs-3.6.0.v20140424-0053.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.jobs:3.6.0.v20140424-0053</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.core.resources-3.9.1.v20140825-1431.jar"><a href="#l300_24a0e4b809d9cb102e7bf8123a2844657b916090">org.eclipse.core.resources-3.9.1.v20140825-1431.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.9.1.v20140825">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.9.1.v20140825
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.core.resources:3.9.1.v20140825-1431">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.resources/3.9.1.v20140825-1431/org.eclipse.core.resources-3.9.1.v20140825-1431.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.resources:3.9.1.v20140825-1431</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.core.resources-3.9.1.v20140825-1431.jar: resources-ant.jar"><a href="#l301_ac97fcd1a043208b58e6ec13c2708e5cbfdf9a55">org.eclipse.core.resources-3.9.1.v20140825-1431.jar: resources-ant.jar</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>5</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.core.runtime-3.9.0.v20130326-1255.jar"><a href="#l302_47eedfa6e872020604db4b2e1949aa6ca273ac6a">org.eclipse.core.runtime-3.9.0.v20130326-1255.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.9.0.v20130326">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.9.0.v20130326
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.core.runtime:3.9.0.v20130326-1255">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.runtime/3.9.0.v20130326-1255/org.eclipse.core.runtime-3.9.0.v20130326-1255.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.runtime:3.9.0.v20130326-1255</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar"><a href="#l303_be66d744ac0e8f011055c37eb6c0b0b8de2d0978">org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:derby:1.0.2.v20110722">
                                                                                                                                                                                cpe:/a:apache:derby:1.0.2.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.apache.derby.dbdefinition:1.0.2.v201107221459">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.apache.derby.dbdefinition/1.0.2.v201107221459/org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.apache.derby.dbdefinition:1.0.2.v201107221459</a>
                                                </td>
                                                                                                                                                                                                                                                                <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>3</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar"><a href="#l304_2257789d5761585d498d13bb2269c180c970f28d">org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:derby:1.0.103.v20121207">
                                                                                                                                                                                cpe:/a:apache:derby:1.0.103.v20121207
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.apache.derby:1.0.103.v201212070447">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.apache.derby/1.0.103.v201212070447/org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.apache.derby:1.0.103.v201212070447</a>
                                                </td>
                                                                                                                                                                                                                                                                <td data-sort-value="64.0">
                                                    Medium
                                                </td>
                        <td>3</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar"><a href="#l305_2c338e35fc23603cea9ebaf5177a0c042f38eea1">org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.10.v20110925">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.10.v20110925
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.console.profile:1.0.10.v201109250955">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.console.profile/1.0.10.v201109250955/org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.console.profile:1.0.10.v201109250955</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar"><a href="#l306_4dd3c5554bea2302448e4201167e36e2bf11d383">org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.1.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.1.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.db.generic:1.0.1.v201107221459">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.db.generic/1.0.1.v201107221459/org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.db.generic:1.0.1.v201107221459</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar"><a href="#l307_1ee4dc13d331d13f2be2f1cb1b62b789c25db9cc">org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.1.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.1.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.dbdefinition.genericJDBC:1.0.1.v201107221459">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.dbdefinition.genericJDBC/1.0.1.v201107221459/org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.dbdefinition.genericJDBC:1.0.1.v201107221459</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar"><a href="#l308_45205c69d334dec54f76f8e2a5cacab8accde588">org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.2.6.v20130517">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.2.6.v20130517
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.consumer:3.2.6.v201305170644">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.consumer/3.2.6.v201305170644/org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.consumer:3.2.6.v201305170644</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar"><a href="#l309_bce1829458bb7c58200cb72c045d48e82702d0a8">org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.3.6.v20121207">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.3.6.v20121207
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.design:3.3.6.v201212070447">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.design/3.3.6.v201212070447/org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.design:3.3.6.v201212070447</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar"><a href="#l310_3c62f783f8ac17aca5250f2a640dfd85c1df9178">org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.1.8.v20140301">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.1.8.v20140301
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.flatfile:3.1.8.v201403010906">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.flatfile/3.1.8.v201403010906/org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.flatfile:3.1.8.v201403010906</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar"><a href="#l311_2f795c899dac80982e95c9e2d5413ef88031cdab">org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.2.9.v20140313">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.2.9.v20140313
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.profile:3.2.9.v201403131814">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.profile/3.2.9.v201403131814/org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.profile:3.2.9.v201403131814</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar"><a href="#l312_91fa06c7a97275ea799fec9d557fc60def2e443d">org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.4.3.v20140530">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.4.3.v20140530
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda:3.4.3.v201405301249">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda/3.4.3.v201405301249/org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda:3.4.3.v201405301249</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar"><a href="#l313_c0d3d79971a815a4db6c5b009ada4f0f1f44e043">org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.2.8.v20140123">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.2.8.v20140123
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.sqm.core:1.2.8.v201401230755">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.sqm.core/1.2.8.v201401230755/org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.sqm.core:1.2.8.v201401230755</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar"><a href="#l314_2e2f258cf40953e97423343786eed44aaef5e207">org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.2.11.v20140123">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.2.11.v20140123
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.connectivity:1.2.11.v201401230755">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity/1.2.11.v201401230755/org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity:1.2.11.v201401230755</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar"><a href="#l315_aa3214296e97b4dfd14345acea23f2c92e992c36">org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.0.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.hsqldb.dbdefinition:1.0.0.v201107221502">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.hsqldb.dbdefinition/1.0.0.v201107221502/org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.hsqldb.dbdefinition:1.0.0.v201107221502</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar"><a href="#l316_5f987f4588c989290c038bd70460c36caa972c0b">org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.0.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.hsqldb:1.0.0.v201107221502">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.hsqldb/1.0.0.v201107221502/org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.hsqldb:1.0.0.v201107221502</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar"><a href="#l317_7ba2ad3443244862426b20f2da73bb78c7223287">org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:ibm:db2:1.0.4.v20110722">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aibm%3Adb2" target="_blank">cpe:/a:ibm:db2:1.0.4.v20110722</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition:1.0.4.v201107221502">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition/1.0.4.v201107221502/org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition:1.0.4.v201107221502</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="100.0">
                                                    High
                                                </td>
                        <td>23</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar"><a href="#l318_3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d">org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:ibm:db2:1.0.2.v20110722">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aibm%3Adb2" target="_blank">cpe:/a:ibm:db2:1.0.2.v20110722</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.db2.luw:1.0.2.v201107221502">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.db2.luw/1.0.2.v201107221502/org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.db2.luw:1.0.2.v201107221502</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="100.0">
                                                    High
                                                </td>
                        <td>23</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar"><a href="#l319_1587982c1ed42ca42e1fe02f1a3baf1faa4bcbb2">org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:ibm:informix:1.0.4.v20110722">
                                                                                                                                                                                cpe:/a:ibm:informix:1.0.4.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.informix.dbdefinition:1.0.4.v201107221502">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.informix.dbdefinition/1.0.4.v201107221502/org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.informix.dbdefinition:1.0.4.v201107221502</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar"><a href="#l320_8c1d7354580604905a00c7d9acce3fbc5696b537">org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:ibm:informix:1.0.1.v20110722">
                                                                                                                                                                                cpe:/a:ibm:informix:1.0.1.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.informix:1.0.1.v201107221502">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.informix/1.0.1.v201107221502/org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.informix:1.0.1.v201107221502</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar"><a href="#l321_d18a0cca80deb6331f1caffea5abc8fa34e2060e">org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.1.v20120124">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.1.v20120124
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition:1.0.1.v201201240505">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition/1.0.1.v201201240505/org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition:1.0.1.v201201240505</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar"><a href="#l322_bff9658c0858cea81b373f1488274a1d9d200cc6">org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.2.v20121212">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.2.v20121212
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.msft.sqlserver:1.0.2.v201212120617">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.msft.sqlserver/1.0.2.v201212120617/org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.msft.sqlserver:1.0.2.v201212120617</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar"><a href="#l323_7b1abc387591d4a9427bb13344243a220a5d751b">org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:dbd-mysql_project:dbd-mysql:1.0.4.v20110902cpe:/a:mysql:mysql:1.0.4.v20110902">
                                                                                                                                                                                cpe:/a:dbd-mysql_project:dbd-mysql:1.0.4.v20110902
                                                                                                                                                                                                                                                    <br/>
                                                                                                    <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Amysql%3Amysql" target="_blank">cpe:/a:mysql:mysql:1.0.4.v20110902</a>
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.mysql.dbdefinition:1.0.4.v201109022331">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.mysql.dbdefinition/1.0.4.v201109022331/org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.mysql.dbdefinition:1.0.4.v201109022331</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="100.0">
                                                    High
                                                </td>
                        <td>29</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar"><a href="#l324_b8862d790cf4715ce8b1a5c54d9fa9ee2557154f">org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:mysql:mysql:1.0.4.v20121212">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Amysql%3Amysql" target="_blank">cpe:/a:mysql:mysql:1.0.4.v20121212</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.mysql:1.0.4.v201212120617">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.mysql/1.0.4.v201212120617/org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.mysql:1.0.4.v201212120617</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="100.0">
                                                    High
                                                </td>
                        <td>28</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar"><a href="#l325_cc7814580f2fb5890c54681fec0f98b3e1386b51">org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.2.6.v20140313">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.2.6.v20140313
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oda.ws:1.2.6.v201403131825">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oda.ws/1.2.6.v201403131825/org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oda.ws:1.2.6.v201403131825</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar"><a href="#l326_b5be50518c251d4c022959aeb6f871d6fea33fcc">org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.2.5.v20130503">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.2.5.v20130503
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oda.xml:1.2.5.v201305031101">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oda.xml/1.2.5.v201305031101/org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oda.xml:1.2.5.v201305031101</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar"><a href="#l327_af90f9d09101fb165a260896477c01385b6c8fd1">org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.103.v20120601">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.103.v20120601
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oracle.dbdefinition:1.0.103.v201206010214">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oracle.dbdefinition/1.0.103.v201206010214/org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oracle.dbdefinition:1.0.103.v201206010214</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar"><a href="#l328_5628f462cfa241fff7b11f1df4c21802f174dd08">org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.0.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oracle:1.0.0.v201107221506">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oracle/1.0.0.v201107221506/org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oracle:1.0.0.v201107221506</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar"><a href="#l329_8021bc614192f060a880cc407aba8adcfea6fb7f">org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:postgresql:postgresql:1.0.2.v20111007">
                                                                                                                                                                                cpe:/a:postgresql:postgresql:1.0.2.v20111007
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.postgresql.dbdefinition:1.0.2.v201110070445">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.postgresql.dbdefinition/1.0.2.v201110070445/org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.postgresql.dbdefinition:1.0.2.v201110070445</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <td data-sort-value="90.0">
                                                    High
                                                </td>
                        <td>16</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar"><a href="#l330_ddd733b059a41aa86aceed5344d1b4799802f5c0">org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:postgresql:postgresql:1.1.1.v20120525">
                                                                                                                                                                                cpe:/a:postgresql:postgresql:1.1.1.v20120525
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.enablement.postgresql:1.1.1.v201205252207">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.postgresql/1.1.1.v201205252207/org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.postgresql:1.1.1.v201205252207</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <td data-sort-value="90.0">
                                                    High
                                                </td>
                        <td>16</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar"><a href="#l331_725b5a9cbd280b8e6c9a6fd32cbe44bf1aae10a3">org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.2.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.2.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.dbdefinition:1.0.2.v201107221519">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.dbdefinition/1.0.2.v201107221519/org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.dbdefinition:1.0.2.v201107221519</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar"><a href="#l332_93018a0f0e585dd4ceb70e849570d6143034273a">org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.0.v20110722">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.derby:1.0.0.v201107221519">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.derby/1.0.0.v201107221519/org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.derby:1.0.0.v201107221519</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar"><a href="#l333_663bfc41efd6030a37f7e6e7baf3b259606c1bcc">org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.1.4.v20121212">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.1.4.v20121212
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.sql.query:1.1.4.v201212120619">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.sql.query/1.1.4.v201212120619/org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.sql.query:1.1.4.v201212120619</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar"><a href="#l334_731de727a1154c562038b045fa247716f68e93fe">org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.0.6.v20120823">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.0.6.v20120823
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.sql:1.0.6.v201208230744">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.sql/1.0.6.v201208230744/org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.sql:1.0.6.v201208230744</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.emf.common-2.10.1.v20140901-1043.jar"><a href="#l335_4a9dbfa87401190c710c16dcbbc7a2ea7cc3ff70">org.eclipse.emf.common-2.10.1.v20140901-1043.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.10.1.v20140901">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.10.1.v20140901
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.emf.common:2.10.1.v20140901-1043">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.common/2.10.1.v20140901-1043/org.eclipse.emf.common-2.10.1.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.common:2.10.1.v20140901-1043</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar"><a href="#l336_c42c134004940345d45bf8367dae63c871a2420f">org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.10.0.v20140901">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.10.0.v20140901
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.emf.ecore.change:2.10.0.v20140901-1043">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.ecore.change/2.10.0.v20140901-1043/org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.ecore.change:2.10.0.v20140901-1043</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar"><a href="#l337_2a524cbae6c0ad0410c89270eb928ad90f75c95e">org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.10.1.v20140901">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.10.1.v20140901
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.emf.ecore.xmi:2.10.1.v20140901-1043">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.ecore.xmi/2.10.1.v20140901-1043/org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.ecore.xmi:2.10.1.v20140901-1043</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar"><a href="#l338_2da5a93e1d6eb2b6f78f215accc3304209b26104">org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.10.1.v20140901">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.10.1.v20140901
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.emf.ecore:2.10.1.v20140901-1043">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.ecore/2.10.1.v20140901-1043/org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.ecore:2.10.1.v20140901-1043</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.emf-2.6.0.v20140901-1055.jar"><a href="#l339_11d8c54ef675a951256777a9f36ebf7e1646ffd6">org.eclipse.emf-2.6.0.v20140901-1055.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:2.6.0.v20140901">
                                                                                                                                                                                cpe:/a:eclipse:birt:2.6.0.v20140901
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.emf:2.6.0.v20140901-1055">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf/2.6.0.v20140901-1055/org.eclipse.emf-2.6.0.v20140901-1055.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf:2.6.0.v20140901-1055</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="org.eclipse.equinox.app-1.3.100.v20130327-1442.jar"><a href="#l340_cfe0deab8c3c4f4caea3767bc8bbaa4789b8f782">org.eclipse.equinox.app-1.3.100.v20130327-1442.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:1.3.100.v20130327">
                                                                                                                                                                                cpe:/a:eclipse:birt:1.3.100.v20130327
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.equinox.app:1.3.100.v20130327-1442">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.app/1.3.100.v20130327-1442/org.eclipse.equinox.app-1.3.100.v20130327-1442.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.app:1.3.100.v20130327-1442</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="43.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">LOW</td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.equinox.common-3.6.200.v20130402-1505.jar"><a href="#l341_550778d95ea4d5f2fee765e85eb799cec21067e0">org.eclipse.equinox.common-3.6.200.v20130402-1505.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.6.200.v20130402">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.6.200.v20130402
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.equinox.common:3.6.200.v20130402-1505">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.common/3.6.200.v20130402-1505/org.eclipse.equinox.common-3.6.200.v20130402-1505.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.common:3.6.200.v20130402-1505</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar"><a href="#l342_bc48b6b0c00898d5eb2cbd6024fc0235ae04f3d2">org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.5.100.v20130422">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.5.100.v20130422
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.equinox.preferences:3.5.100.v20130422-1538">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.preferences/3.5.100.v20130422-1538/org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.preferences:3.5.100.v20130422-1538</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar"><a href="#l343_897775850f15e1595464bbff11562583b8132499">org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.5.400.v20140428">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.5.400.v20140428
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.equinox.registry:3.5.400.v20140428-1507">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.registry/3.5.400.v20140428-1507/org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.registry:3.5.400.v20140428-1507</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar"><a href="#l344_98f0232dc80679a3f5c1effe15344dc7ceac98dc">org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:mongodb:mongodb:2.10.1.v20130422">
                                                                                                                                                                                cpe:/a:mongodb:mongodb:2.10.1.v20130422
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.orbit.mongodb:2.10.1.v20130422-1135">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.orbit.mongodb/2.10.1.v20130422-1135/org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.orbit.mongodb:2.10.1.v20130422-1135</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.osgi.services-3.3.100.v20130513-1956.jar"><a href="#l345_1d73531fac5372870373a06193985611b1239f0c">org.eclipse.osgi.services-3.3.100.v20130513-1956.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.osgi.services:3.3.100.v20130513-1956">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.osgi.services/3.3.100.v20130513-1956/org.eclipse.osgi.services-3.3.100.v20130513-1956.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.osgi.services:3.3.100.v20130513-1956</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.osgi-3.10.1.v20140909-1633.jar"><a href="#l346_e6a47e8e3edaf8b3cf74a1d5540a9c91369fb28a">org.eclipse.osgi-3.10.1.v20140909-1633.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.10.1.v20140909">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.10.1.v20140909
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.osgi:3.10.1.v20140909-1633">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.osgi/3.10.1.v20140909-1633/org.eclipse.osgi-3.10.1.v20140909-1633.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.osgi:3.10.1.v20140909-1633</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.eclipse.update.configurator-3.3.200.v20130326-1319.jar"><a href="#l347_4375455f2f0bd4f014e79758bbb3d4b7340e2943">org.eclipse.update.configurator-3.3.200.v20130326-1319.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:3.3.200.v20130326">
                                                                                                                                                                                cpe:/a:eclipse:birt:3.3.200.v20130326
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:org.eclipse.update.configurator:3.3.200.v20130326-1319">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.update.configurator/3.3.200.v20130326-1319/org.eclipse.update.configurator-3.3.200.v20130326-1319.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.update.configurator:3.3.200.v20130326-1319</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="viewservlets-4.5.0.jar"><a href="#l348_059c773f6cd138d08b18c47ed2c1581283f573fd">viewservlets-4.5.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:birt:4.5.0">
                                                                                                                                                                                cpe:/a:eclipse:birt:4.5.0
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.birt.runtime:viewservlets:4.5.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/viewservlets/4.5.0/viewservlets-4.5.0.jar" target="_blank">org.eclipse.birt.runtime:viewservlets:4.5.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ecj-4.5.1.jar"><a href="#l349_bee1367ac12fb6a20b422ff8711ebeb4f0a42316">ecj-4.5.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.eclipse.jdt.core.compiler:ecj:4.5.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/eclipse/jdt/core/compiler/ecj/4.5.1/ecj-4.5.1.jar" target="_blank">org.eclipse.jdt.core.compiler:ecj:4.5.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-continuation-9.3.8.v20160314.jar"><a href="#l350_dec4dfc43617637694762822ef99c8373c944c98">jetty-continuation-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-continuation:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22dec4dfc43617637694762822ef99c8373c944c98%22" target="_blank">org.eclipse.jetty:jetty-continuation:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-deploy-9.3.8.v20160314.jar"><a href="#l351_fe4025121641f5c4b06986e9b14983964bfcd7d5">jetty-deploy-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-deploy:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22fe4025121641f5c4b06986e9b14983964bfcd7d5%22" target="_blank">org.eclipse.jetty:jetty-deploy:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-http-9.3.8.v20160314.jar"><a href="#l352_0127feb7407f4137ff4295b5fa2895845db56710">jetty-http-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-http:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%220127feb7407f4137ff4295b5fa2895845db56710%22" target="_blank">org.eclipse.jetty:jetty-http:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-io-9.3.8.v20160314.jar"><a href="#l353_371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141">jetty-io-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-io:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141%22" target="_blank">org.eclipse.jetty:jetty-io:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-jmx-9.3.8.v20160314.jar"><a href="#l354_4aca2eb607d49969bac6a5f36be24ebe1d6d39ad">jetty-jmx-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-jmx:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%224aca2eb607d49969bac6a5f36be24ebe1d6d39ad%22" target="_blank">org.eclipse.jetty:jetty-jmx:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-rewrite-9.3.8.v20160314.jar"><a href="#l355_264a34089a62d22cea8e38f6ab6c55d8cef992dc">jetty-rewrite-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-rewrite:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22264a34089a62d22cea8e38f6ab6c55d8cef992dc%22" target="_blank">org.eclipse.jetty:jetty-rewrite:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-security-9.3.8.v20160314.jar"><a href="#l356_5291fa5e3098f08017bfcc7f950a7ce36c9544d7">jetty-security-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-security:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%225291fa5e3098f08017bfcc7f950a7ce36c9544d7%22" target="_blank">org.eclipse.jetty:jetty-security:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-server-9.3.8.v20160314.jar"><a href="#l357_da8366f602f35d4c3177cb081472e2fc4abe04ea">jetty-server-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-server:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22da8366f602f35d4c3177cb081472e2fc4abe04ea%22" target="_blank">org.eclipse.jetty:jetty-server:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-servlet-9.3.8.v20160314.jar"><a href="#l358_ea5f25d3326d7745d9c21d405dcf6f878efbd5fb">jetty-servlet-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-servlet:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22ea5f25d3326d7745d9c21d405dcf6f878efbd5fb%22" target="_blank">org.eclipse.jetty:jetty-servlet:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-servlets-9.3.8.v20160314.jar"><a href="#l359_7c6cca49412e873cc2cee9903e3209525175f60d">jetty-servlets-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-servlets:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%227c6cca49412e873cc2cee9903e3209525175f60d%22" target="_blank">org.eclipse.jetty:jetty-servlets:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-util-9.3.8.v20160314.jar"><a href="#l360_01d53c7a7e7715e67d6f4edec6c5b328ee162e65">jetty-util-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-util:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2201d53c7a7e7715e67d6f4edec6c5b328ee162e65%22" target="_blank">org.eclipse.jetty:jetty-util:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-webapp-9.3.8.v20160314.jar"><a href="#l361_2f0dfef84af7c97f2a1f14db65aa3f37349420e4">jetty-webapp-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-webapp:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222f0dfef84af7c97f2a1f14db65aa3f37349420e4%22" target="_blank">org.eclipse.jetty:jetty-webapp:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jetty-xml-9.3.8.v20160314.jar"><a href="#l362_f02bbbf71d7ea706a95fedf7e76c3ff243049bfc">jetty-xml-9.3.8.v20160314.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:eclipse:jetty:9.3.8.v20160314cpe:/a:jetty:jetty:9.3.8.v20160314">
                                                                                                                                                                                cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.eclipse.jetty:jetty-xml:9.3.8.v20160314">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22f02bbbf71d7ea706a95fedf7e76c3ff243049bfc%22" target="_blank">org.eclipse.jetty:jetty-xml:9.3.8.v20160314</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="freemarker-2.3.25-incubating.jar"><a href="#l363_9b31ed0d0321dfc1ae7ce63f2557df04b52a79e3">freemarker-2.3.25-incubating.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.freemarker:freemarker:2.3.25-incubating">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/freemarker/freemarker/2.3.25-incubating/freemarker-2.3.25-incubating.jar" target="_blank">org.freemarker:freemarker:2.3.25-incubating</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>31</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="vorbis-java-core-0.6.jar"><a href="#l364_71deedbdfe6a1b0dcadd6c5ae335e3e9b427524c">vorbis-java-core-0.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.gagravarr:vorbis-java-core:0.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2271deedbdfe6a1b0dcadd6c5ae335e3e9b427524c%22" target="_blank">org.gagravarr:vorbis-java-core:0.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="vorbis-java-tika-0.6.jar"><a href="#l365_be5b08ff4c45632975646f286a1d13e325bec59a">vorbis-java-tika-0.6.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:tika:0.6">
                                                                                                                                                                                cpe:/a:apache:tika:0.6
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.gagravarr:vorbis-java-tika:0.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22be5b08ff4c45632975646f286a1d13e325bec59a%22" target="_blank">org.gagravarr:vorbis-java-tika:0.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hamcrest-all-1.3.jar"><a href="#l366_63a21ebc981131004ad02e0434e799fd7f3a8d5a">hamcrest-all-1.3.jar</a></td>
                                                                                                                                                                                <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hamcrest:hamcrest-all:1.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar" target="_blank">org.hamcrest:hamcrest-all:1.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hamcrest-core-1.1.jar"><a href="#l367_860340562250678d1a344907ac75754e259cdb14">hamcrest-core-1.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hamcrest:hamcrest-core:1.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22860340562250678d1a344907ac75754e259cdb14%22" target="_blank">org.hamcrest:hamcrest-core:1.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hamcrest-core-1.3.jar"><a href="#l368_42a25dc3219429f0e5d060061f71acb49bf010a0">hamcrest-core-1.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hamcrest:hamcrest-core:1.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar" target="_blank">org.hamcrest:hamcrest-core:1.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="ejb3-persistence-1.0.1.GA.jar"><a href="#l369_f502b2c96c95e087435c79d3d6c9aa85bb1154bc">ejb3-persistence-1.0.1.GA.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hibernate:ejb3-persistence:1.0.1.GA">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/hibernate/ejb3-persistence/1.0.1.GA/ejb3-persistence-1.0.1.GA.jar" target="_blank">org.hibernate:ejb3-persistence:1.0.1.GA</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hibernate-annotations-3.3.1.GA.jar"><a href="#l370_2083b277c76037253189d17e68ba86d2da478440">hibernate-annotations-3.3.1.GA.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hibernate:hibernate-annotations:3.3.1.GA">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate-annotations/3.3.1.GA/hibernate-annotations-3.3.1.GA.jar" target="_blank">org.hibernate:hibernate-annotations:3.3.1.GA</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hibernate-commons-annotations-3.0.0.ga.jar"><a href="#l371_c8f53732fe3b75935f0550bdc3ba92bc9345360f">hibernate-commons-annotations-3.0.0.ga.jar</a></td>
                                                                                                                                                                                <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hibernate:hibernate-commons-annotations:3.0.0.ga">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate-commons-annotations/3.0.0.ga/hibernate-commons-annotations-3.0.0.ga.jar" target="_blank">org.hibernate:hibernate-commons-annotations:3.0.0.ga</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="hibernate-3.2.6.ga.jar"><a href="#l372_dd982c3d5c28c956aa4fa9112258cb3013606ddd">hibernate-3.2.6.ga.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.hibernate:hibernate:3.2.6.ga">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate/3.2.6.ga/hibernate-3.2.6.ga.jar" target="_blank">org.hibernate:hibernate:3.2.6.ga</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="inspektr-core-0.7.0.jar"><a href="#l373_1d6851b0970de19593e8cdcbf7e593ca5c2db324">inspektr-core-0.7.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.inspektr:inspektr-core:0.7.0">                            org.inspektr:inspektr-core:0.7.0
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="bzip2-0.9.1.jar"><a href="#l374_47ca95f71e3ccae756c4a24354d48069c58f475c">bzip2-0.9.1.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:bzip:bzip2:0.9.1">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2" target="_blank">cpe:/a:bzip:bzip2:0.9.1</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.itadaki:bzip2:0.9.1">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2247ca95f71e3ccae756c4a24354d48069c58f475c%22" target="_blank">org.itadaki:bzip2:0.9.1</a>
                                                </td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="51.0">
                                                    Medium
                                                </td>
                        <td>3</td>
                        <td data-sort-value="0">LOW</td>
                        <td>13</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="cas-server-core-3.3.5.jar"><a href="#l375_0c47163c27b1a7617af14182c168d2b5b54cdd66">cas-server-core-3.3.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.jasig.cas:cas-server-core:3.3.5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%220c47163c27b1a7617af14182c168d2b5b54cdd66%22" target="_blank">org.jasig.cas:cas-server-core:3.3.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>16</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="person-directory-api-1.5.0-RC5.jar"><a href="#l376_a2f4804d335d3cfe6a4bb3407dcf9fb88d396700">person-directory-api-1.5.0-RC5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.jasig.service:person-directory-api:1.5.0-RC5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22a2f4804d335d3cfe6a4bb3407dcf9fb88d396700%22" target="_blank">org.jasig.service:person-directory-api:1.5.0-RC5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="person-directory-impl-1.5.0-RC5.jar"><a href="#l377_512831d6195409f9de30bcd06e1a3ce31fc4304f">person-directory-impl-1.5.0-RC5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.jasig.service:person-directory-impl:1.5.0-RC5">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22512831d6195409f9de30bcd06e1a3ce31fc4304f%22" target="_blank">org.jasig.service:person-directory-impl:1.5.0-RC5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="com.springsource.org.jdom-1.0.0.jar"><a href="#l378_32e7389479349a9d30cab805d83486b1e865aeaa">com.springsource.org.jdom-1.0.0.jar</a></td>
                                                                        <td data-sort-value="">
                                                                        </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>6</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jdom2-2.0.4.jar"><a href="#l379_4b65e55cc61b34bc634b25f0359d1242e4c519de">jdom2-2.0.4.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.jdom:jdom2:2.0.4">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/jdom/jdom2/2.0.4/jdom2-2.0.4.jar" target="_blank">org.jdom:jdom2:2.0.4</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>41</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jdom-2.0.2.jar"><a href="#l380_d06c71e0df0ac4b94deb737718580ccce22d92e8">jdom-2.0.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.jdom:jdom:2.0.2">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/jdom/jdom/2.0.2/jdom-2.0.2.jar" target="_blank">org.jdom:jdom:2.0.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>41</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="json-20140107.jar"><a href="#l381_d1ffca6e2482b002702c6a576166fd685e3370e3">json-20140107.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.json:json:20140107">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22d1ffca6e2482b002702c6a576166fd685e3370e3%22" target="_blank">org.json:json:20140107</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jsoup-1.8.3.jar"><a href="#l382_65fd012581ded67bc20945d85c32b4598c3a9cf1">jsoup-1.8.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.jsoup:jsoup:1.8.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2265fd012581ded67bc20945d85c32b4598c3a9cf1%22" target="_blank">org.jsoup:jsoup:1.8.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="spatial4j-0.6.jar"><a href="#l383_21b15310bddcfd8c72611c180f20cf23279809a3">spatial4j-0.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.locationtech.spatial4j:spatial4j:0.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2221b15310bddcfd8c72611c180f20cf23279809a3%22" target="_blank">org.locationtech.spatial4j:spatial4j:0.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="flute-1.3.jar"><a href="#l384_b7d59dc172005598b55699b1a75605b13c14f1fd">flute-1.3.jar</a></td>
                                                                                                                                                                                <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="milyn:flute:1.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22b7d59dc172005598b55699b1a75605b13c14f1fd%22" target="_blank">milyn:flute:1.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="noggit-0.6.jar"><a href="#l385_fa94a59c44b39ee710f3c9451750119e432326c0">noggit-0.6.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.noggit:noggit:0.6">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22fa94a59c44b39ee710f3c9451750119e432326c0%22" target="_blank">org.noggit:noggit:0.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="geoapi-3.0.0.jar"><a href="#l386_0a04e0f361627fb33a140b5aa4c019741f905577">geoapi-3.0.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.opengis:geoapi:3.0.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%220a04e0f361627fb33a140b5aa4c019741f905577%22" target="_blank">org.opengis:geoapi:3.0.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="opensaml-1.1b.jar"><a href="#l387_21ec22368b6baa211a29887e162aa4cf9a8f3c60">opensaml-1.1b.jar</a></td>
                                                                                                                                                                                                                                                                <td data-sort-value="cpe:/a:internet2:opensaml:1.1">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Ainternet2%3Aopensaml%3A1.1" target="_blank">cpe:/a:internet2:opensaml:1.1</a>
                                                                                                                                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.opensaml:opensaml1:1.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/opensaml/opensaml1/1.1/opensaml1-1.1.jar" target="_blank">org.opensaml:opensaml1:1.1</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="93.0">
                                                    High
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">HIGHEST</td>
                        <td>14</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="asm-commons-5.1.jar"><a href="#l388_25d8a575034dd9cfcb375a39b5334f0ba9c8474e">asm-commons-5.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.ow2.asm:asm-commons:5.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/ow2/asm/asm-commons/5.1/asm-commons-5.1.jar" target="_blank">org.ow2.asm:asm-commons:5.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>22</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="asm-5.1.jar"><a href="#l389_5ef31c4fe953b1fd00b8a88fa1d6820e8785bb45">asm-5.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.ow2.asm:asm:5.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/ow2/asm/asm/5.1/asm-5.1.jar" target="_blank">org.ow2.asm:asm:5.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>21</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="antisamy-1.4.3.jar"><a href="#l390_6bac1ebc43ac3db223f592ce904ac4c2f3ef26e5">antisamy-1.4.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.owasp.antisamy:antisamy:1.4.3">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%226bac1ebc43ac3db223f592ce904ac4c2f3ef26e5%22" target="_blank">org.owasp.antisamy:antisamy:1.4.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="esapi-2.1.0.jar"><a href="#l391_1892f47602b211ec72abc45df93a69c953a7ffba">esapi-2.1.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:owasp:enterprise_security_api:2.1.0">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aowasp%3Aenterprise_security_api%3A2.1.0" target="_blank">cpe:/a:owasp:enterprise_security_api:2.1.0</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.owasp.esapi:esapi:2.1.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%221892f47602b211ec72abc45df93a69c953a7ffba%22" target="_blank">org.owasp.esapi:esapi:2.1.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="58.0">
                                                    Medium
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">HIGHEST</td>
                        <td>18</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="quartz-2.2.0.jar"><a href="#l392_2eb16fce055d5f3c9d65420f6fc4efd3a079a3d8">quartz-2.2.0.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.quartz-scheduler:quartz:2.2.0">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222eb16fce055d5f3c9d65420f6fc4efd3a079a3d8%22" target="_blank">org.quartz-scheduler:quartz:2.2.0</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>23</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.restlet.ext.servlet-2.3.0.jar"><a href="#l393_9303e20d0397c0304342943560c3a1693fd7ce7d">org.restlet.ext.servlet-2.3.0.jar</a></td>
                                                                                                                                                        <td data-sort-value="cpe:/a:restlet:restlet:2.3.0">
                                                                                                                                                                                cpe:/a:restlet:restlet:2.3.0
                                                                                                                                                                            </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>6</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="org.restlet-2.3.0.jar"><a href="#l394_4c5d184e23fa729726668a90dc7338d80c4e7e6f">org.restlet-2.3.0.jar</a></td>
                                                                                                                                                        <td data-sort-value="cpe:/a:restlet:restlet:2.3.0">
                                                                                                                                                                                cpe:/a:restlet:restlet:2.3.0
                                                                                                                                                                            </td>
                                                <td data-sort-value="">
                        </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="3">LOW</td>
                        <td>4</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jug-2.0.0-asl.jar"><a href="#l395_adf11f76e51f057e9d6903dd9a916162620386c9">jug-2.0.0-asl.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.safehaus.jug:jug:2.0.0">                            org.safehaus.jug:jug:2.0.0
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>17</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jcl-over-slf4j-1.7.7.jar"><a href="#l396_56003dcd0a31deea6391b9e2ef2f2dc90b205a92">jcl-over-slf4j-1.7.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.slf4j:jcl-over-slf4j:1.7.7">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%2256003dcd0a31deea6391b9e2ef2f2dc90b205a92%22" target="_blank">org.slf4j:jcl-over-slf4j:1.7.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="slf4j-api-1.7.21.jar"><a href="#l397_139535a69a4239db087de9bab0bee568bf8e0b70">slf4j-api-1.7.21.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.slf4j:slf4j-api:1.7.21">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22139535a69a4239db087de9bab0bee568bf8e0b70%22" target="_blank">org.slf4j:slf4j-api:1.7.21</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="slf4j-api-1.7.7.jar"><a href="#l398_2b8019b6249bb05d81d3a3094e468753e2b21311">slf4j-api-1.7.7.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.slf4j:slf4j-api:1.7.7">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%222b8019b6249bb05d81d3a3094e468753e2b21311%22" target="_blank">org.slf4j:slf4j-api:1.7.7</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-beans-2.5.6.jar"><a href="#l399_449ea46b27426eb846611a90b2fb8b4dcf271191">spring-beans-2.5.6.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6cpe:/a:springsource:spring_framework:2.5.6cpe:/a:vmware:springsource_spring_framework:2.5.6">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6
                                                                                                                                                                                                                                                    <br/>
                                                                                                    <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6" target="_blank">cpe:/a:springsource:spring_framework:2.5.6</a>
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-beans:2.5.6">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-beans/2.5.6/spring-beans-2.5.6.jar" target="_blank">org.springframework:spring-beans:2.5.6</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>7</td>
                        <td data-sort-value="0">HIGHEST</td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="spring-binding-1.0.6.jar"><a href="#l400_c2789e5215ed30d4d9e06873097c8bab8ae97109">spring-binding-1.0.6.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:1.0.6cpe:/a:vmware:springsource_spring_framework:1.0.6">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:1.0.6
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:1.0.6
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-binding:1.0.6">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-binding/1.0.6/spring-binding-1.0.6.jar" target="_blank">org.springframework:spring-binding:1.0.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-context-support-2.5.6.SEC01.jar"><a href="#l401_3a88bce8e22a274f116d4fb3dcc936d088fff014">spring-context-support-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-context-support:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-context-support/2.5.6.SEC01/spring-context-support-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-context-support:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-context-2.5.6.SEC01.jar"><a href="#l402_030ab3c56aa2ca6d9e4a194a36ac0679df2fd108">spring-context-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-context:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-context/2.5.6.SEC01/spring-context-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-context:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>24</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="spring-core-4.2.3.RELEASE.jar"><a href="#l403_3ed00dad7a16b2a28df9348294f6a67151f43cf6">spring-core-4.2.3.RELEASE.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:4.2.3cpe:/a:springsource:spring_framework:4.2.3cpe:/a:vmware:springsource_spring_framework:4.2.3">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:4.2.3
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:4.2.3
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:4.2.3
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-core:4.2.3.RELEASE">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-core/4.2.3.RELEASE/spring-core-4.2.3.RELEASE.jar" target="_blank">org.springframework:spring-core:4.2.3.RELEASE</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-jdbc-2.5.6.SEC01.jar"><a href="#l404_74f28b32f9678dd3093643a268af767ddfcc337d">spring-jdbc-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-jdbc:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-jdbc/2.5.6.SEC01/spring-jdbc-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-jdbc:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-orm-2.5.6.SEC01.jar"><a href="#l405_255bd5a5d6d456792bb928e1cced60755f1fe513">spring-orm-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-orm:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-orm/2.5.6.SEC01/spring-orm-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-orm:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="spring-test-4.2.3.RELEASE.jar"><a href="#l406_d7c055b8fb1117ef75045679892228a4816cd80e">spring-test-4.2.3.RELEASE.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:4.2.3cpe:/a:vmware:springsource_spring_framework:4.2.3">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:4.2.3
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:4.2.3
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-test:4.2.3.RELEASE">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-test/4.2.3.RELEASE/spring-test-4.2.3.RELEASE.jar" target="_blank">org.springframework:spring-test:4.2.3.RELEASE</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-tx-2.5.6.SEC01.jar"><a href="#l407_4af6ff118eb394f804fe3a96f3e3f323a5de5ff6">spring-tx-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-tx:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-tx/2.5.6.SEC01/spring-tx-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-tx:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-web-2.5.6.SEC01.jar"><a href="#l408_6a5711a5a29cf25603892c2bace8bbe3bf062834">spring-web-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-web:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-web/2.5.6.SEC01/spring-web-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-web:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>25</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="spring-webflow-1.0.6.jar"><a href="#l409_73a9cef54005fe7c23947f13300eb0e0bf0f265a">spring-webflow-1.0.6.jar</a></td>
                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:1.0.6cpe:/a:vmware:springsource_spring_framework:1.0.6">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:1.0.6
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:1.0.6
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-webflow:1.0.6">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-webflow/1.0.6/spring-webflow-1.0.6.jar" target="_blank">org.springframework:spring-webflow:1.0.6</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0">LOW</td>
                        <td>20</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="spring-webmvc-2.5.6.SEC01.jar"><a href="#l410_1a48edcf8dcfc76882c821931eb0529db9af5d9b">spring-webmvc-2.5.6.SEC01.jar</a></td>
                                                                                                                                                                                                                                                                                                                                                                            <td data-sort-value="cpe:/a:pivotal:spring_framework:2.5.6.sec01cpe:/a:springsource:spring_framework:2.5.6.sec01cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01">
                                                                                                                                                                                cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                                                                                                                                    <br/>
                                                                                                    cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="org.springframework:spring-webmvc:2.5.6.SEC01">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-webmvc/2.5.6.SEC01/spring-webmvc-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-webmvc:2.5.6.SEC01</a>
                                                </td>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>6</td>
                        <td data-sort-value="0">LOW</td>
                        <td>26</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xz-1.5.jar"><a href="#l411_9c64274b7dbb65288237216e3fae7877fd3f2bee">xz-1.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.tukaani:xz:1.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=org/tukaani/xz/1.5/xz-1.5.jar" target="_blank">org.tukaani:xz:1.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>20</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="jackson-databind-java-optional-2.4.2.jar"><a href="#l412_588266ff57165736149bc38e07f2875a4fe5969c">jackson-databind-java-optional-2.4.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="org.zapodot:jackson-databind-java-optional:2.4.2">                                                        <a href="http://search.maven.org/#search|ga|1|1%3A%22588266ff57165736149bc38e07f2875a4fe5969c%22" target="_blank">org.zapodot:jackson-databind-java-optional:2.4.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="oro-2.0.8.jar"><a href="#l413_5592374f834645c4ae250f4c9fbb314c9369d698">oro-2.0.8.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="oro:oro:2.0.8">                                                        <a href="http://search.maven.org/remotecontent?filepath=oro/oro/2.0.8/oro-2.0.8.jar" target="_blank">oro:oro:2.0.8</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>15</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="regexp-1.3.jar"><a href="#l414_973df2b78b67bcd3144c3dbbb88da691065a3f8d">regexp-1.3.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="regexp:regexp:1.3">                                                        <a href="http://search.maven.org/remotecontent?filepath=regexp/regexp/1.3/regexp-1.3.jar" target="_blank">regexp:regexp:1.3</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>10</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="stax-api-1.0.1.jar"><a href="#l415_49c100caf72d658aca8e58bd74a4ba90fa2b0d70">stax-api-1.0.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="stax:stax-api:1.0.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=stax/stax-api/1.0.1/stax-api-1.0.1.jar" target="_blank">stax:stax-api:1.0.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="wsdl4j-1.6.2.jar"><a href="#l416_dec1669fb6801b7328e01ad72fc9e10b69ea06c1">wsdl4j-1.6.2.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="wsdl4j:wsdl4j:1.6.2">                                                        <a href="http://search.maven.org/remotecontent?filepath=wsdl4j/wsdl4j/1.6.2/wsdl4j-1.6.2.jar" target="_blank">wsdl4j:wsdl4j:1.6.2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>19</td>
                    </tr>
                                        <tr class=" vulnerable">
                        <td data-sort-value="xalan-2.7.0.jar"><a href="#l417_a33c0097f1c70b20fa7ded220ea317eb3500515e">xalan-2.7.0.jar</a></td>
                                                                                                                                                                                                            <td data-sort-value="cpe:/a:apache:xalan-java:2.7.0">
                                                                                                                                                                                <a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.7.0" target="_blank">cpe:/a:apache:xalan-java:2.7.0</a>
                                                                                                                                                                                                                                                                                                                            </td>
                                                <td data-sort-value="xalan:xalan:2.7.0">                                                        <a href="http://search.maven.org/remotecontent?filepath=xalan/xalan/2.7.0/xalan-2.7.0.jar" target="_blank">xalan:xalan:2.7.0</a>
                                                </td>
                                                                                                                                                        <td data-sort-value="75.0">
                                                    High
                                                </td>
                        <td>1</td>
                        <td data-sort-value="0">HIGHEST</td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xercesImpl-2.8.1.jar"><a href="#l418_25101e37ec0c907db6f0612cbf106ee519c1aef1">xercesImpl-2.8.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xerces:xercesImpl:2.8.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=xerces/xercesImpl/2.8.1/xercesImpl-2.8.1.jar" target="_blank">xerces:xercesImpl:2.8.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>55</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xml-apis-ext-1.3.04.jar"><a href="#l419_41a8b86b358e87f3f13cf46069721719105aff66">xml-apis-ext-1.3.04.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xml-apis:xml-apis-ext:1.3.04">                                                        <a href="http://search.maven.org/remotecontent?filepath=xml-apis/xml-apis-ext/1.3.04/xml-apis-ext-1.3.04.jar" target="_blank">xml-apis:xml-apis-ext:1.3.04</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>28</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xml-apis-2.0.2.jar"><a href="#l420_3136ca936f64c9d68529f048c2618bd356bf85c9">xml-apis-2.0.2.jar</a></td>
                                                                                                                                                                                                                                    <td data-sort-value="">
                                                                                                                                                                                                                                                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xml-apis:xml-apis:1.0.b2">                                                        <a href="http://search.maven.org/remotecontent?filepath=xml-apis/xml-apis/1.0.b2/xml-apis-1.0.b2.jar" target="_blank">xml-apis:xml-apis:1.0.b2</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>35</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xmlpull-1.1.3.1.jar"><a href="#l421_2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa">xmlpull-1.1.3.1.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xmlpull:xmlpull:1.1.3.1">                                                        <a href="http://search.maven.org/remotecontent?filepath=xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar" target="_blank">xmlpull:xmlpull:1.1.3.1</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>12</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xom-1.2.5.jar"><a href="#l422_4166493b9f04e91b858ba4150b28b4d197f8f8ea">xom-1.2.5.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xom:xom:1.2.5">                                                        <a href="http://search.maven.org/remotecontent?filepath=xom/xom/1.2.5/xom-1.2.5.jar" target="_blank">xom:xom:1.2.5</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>39</td>
                    </tr>
                                        <tr class="notvulnerable">
                        <td data-sort-value="xpp3_min-1.1.4c.jar"><a href="#l423_19d4e90b43059058f6e056f794f0ea4030d60b86">xpp3_min-1.1.4c.jar</a></td>
                                                                                                                            <td data-sort-value="">
                                                                                                                                                                                                                        </td>
                                                <td data-sort-value="xpp3:xpp3_min:1.1.4c">                                                        <a href="http://search.maven.org/remotecontent?filepath=xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar" target="_blank">xpp3:xpp3_min:1.1.4c</a>
                                                </td>
                                                                        <td data-sort-value="-10">
                                                    &nbsp;
                                                </td>
                        <td>0</td>
                        <td data-sort-value="0"></td>
                        <td>14</td>
                    </tr>
                                    </table>
                <h2>Dependencies</h2>
                                                     <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l1_cf4f67dae5df4f9932ae7810f4548ef3e14dd35e"></a>antlr-2.7.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\antlr\antlr\2.7.6\cf4f67dae5df4f9932ae7810f4548ef3e14dd35e\antlr-2.7.6.jar<br/>
                            <b>MD5:</b>&nbsp;97c6bb68108a3d68094eab0f67157962<br/>
                            <b>SHA1:</b>&nbsp;cf4f67dae5df4f9932ae7810f4548ef3e14dd35e
                                                                                </p>
                                                <h4 id="header1" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content1" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>antlr</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>antlr</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>antlr-2.7.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>antlr</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>antlr</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>antlr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>AntLR</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.antlr.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header2" class="subsectionheader white">Identifiers</h4>
                                                <div id="content2" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=antlr/antlr/2.7.6/antlr-2.7.6.jar" target="_blank">antlr:antlr:2.7.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l2_0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8"></a>aopalliance-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;AOP Alliance<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Public Domain</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\aopalliance\aopalliance\1.0\235ba8b489512805ac13a8f9ea77a1ca5ebe3e8\aopalliance-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;04177054e180d09e3998808efa0401c7<br/>
                            <b>SHA1:</b>&nbsp;0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
                                                                                </p>
                                                <h4 id="header3" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content3" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>aopalliance</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>aopalliance</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>aopalliance-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>aopalliance</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>intercept</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>aopalliance</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>AOP Alliance</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>aopalliance</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>AOP alliance</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://aopalliance.sourceforge.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header4" class="subsectionheader white">Identifiers</h4>
                                                <div id="content4" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=aopalliance/aopalliance/1.0/aopalliance-1.0.jar" target="_blank">aopalliance:aopalliance:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l3_7bc7e49ddfe4fb5f193ed37ecc96c12292c8ceb6"></a>xercesImpl-2.9.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Xerces2 is the next generation of high performance, fully compliant XML parsers in the
    Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI),
    a complete framework for building parser components and configurations that is extremely
    modular and easy to program.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\apache-xerces\xercesImpl\2.9.1\7bc7e49ddfe4fb5f193ed37ecc96c12292c8ceb6\xercesImpl-2.9.1.jar<br/>
                            <b>MD5:</b>&nbsp;f807f86d7d9db25edbfc782aca7ca2a9<br/>
                            <b>SHA1:</b>&nbsp;7bc7e49ddfe4fb5f193ed37ecc96c12292c8ceb6
                                                                                </p>
                                                <h4 id="header5" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content5" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xercesImpl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xerces</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.9.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xercesImpl-2.9.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.9.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xerces</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Implementation-Title</td><td>javax.xml.datatype</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Implementation-Version</td><td>1.3.04</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Title</td><td>javax.xml.parsers</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Version</td><td>1.3.04</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Title</td><td>javax.xml.transform</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Version</td><td>1.3.04</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Implementation-Title</td><td>javax.xml.validation</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Implementation-Version</td><td>1.3.04</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Implementation-Title</td><td>javax.xml.xpath</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Implementation-Version</td><td>1.3.04</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/impl/Version.class</td><td>Implementation-Title</td><td>org.apache.xerces.impl.Version</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/impl/Version.class</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/impl/Version.class</td><td>Implementation-Version</td><td>2.9.1</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Implementation-Title</td><td>org.apache.xerces.xni</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Implementation-Version</td><td>1.2</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Specification-Title</td><td>Xerces Native Interface</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Title</td><td>org.w3c.dom</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Specification-Title</td><td>Document Object Model, Level 3 Core</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Implementation-Title</td><td>org.w3c.dom.ls</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Specification-Title</td><td>Document Object Model, Level 3 Load and Save</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Title</td><td>org.xml.sax</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Vendor</td><td>David Megginson</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Specification-Title</td><td>Simple API for XML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xercesImpl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xerces</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Xerces2 Java Parser</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.9.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xerces.apache.org/xerces2-j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.9.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header6" class="subsectionheader white">Identifiers</h4>
                                                <div id="content6" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar" target="_blank">xerces:xercesImpl:2.9.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l4_911ca40cdb527969ee47dc6f782425d94a36b510"></a>asm-attrs-1.5.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\asm\asm-attrs\1.5.3\911ca40cdb527969ee47dc6f782425d94a36b510\asm-attrs-1.5.3.jar<br/>
                            <b>MD5:</b>&nbsp;2f222ca7499ed5bc49fe25a1182c59f7<br/>
                            <b>SHA1:</b>&nbsp;911ca40cdb527969ee47dc6f782425d94a36b510
                                                                                </p>
                                                <h4 id="header7" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content7" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>asm-attrs</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>asm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>asm-attrs-1.5.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>asm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>attrs</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>objectweb</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>ASM Attribute classes</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>France Telecom R&amp;D</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>asm-attrs</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>asm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>asm-attrs</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.objectweb.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://asm.objectweb.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header8" class="subsectionheader white">Identifiers</h4>
                                                <div id="content8" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=asm/asm-attrs/1.5.3/asm-attrs-1.5.3.jar" target="_blank">asm:asm-attrs:1.5.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l5_63a2715c39c9e97f88fe371d4441a1b3493d74f9"></a>asm-1.5.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\asm\asm\1.5.3\63a2715c39c9e97f88fe371d4441a1b3493d74f9\asm-1.5.3.jar<br/>
                            <b>MD5:</b>&nbsp;ea4119d1471fc3c1af6b216815bd666c<br/>
                            <b>SHA1:</b>&nbsp;63a2715c39c9e97f88fe371d4441a1b3493d74f9
                                                                                </p>
                                                <h4 id="header9" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content9" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>asm</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>asm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>asm-1.5.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>asm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>objectweb</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>ASM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>France Telecom R&amp;D</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>asm</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>asm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>asm</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.objectweb.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://asm.objectweb.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header10" class="subsectionheader white">Identifiers</h4>
                                                <div id="content10" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=asm/asm/1.5.3/asm-1.5.3.jar" target="_blank">asm:asm:1.5.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l6_080e9fde0223721baefb5df5f251888cc2456ed6"></a>aspectjrt-1.5.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\aspectj\aspectjrt\1.5.3\80e9fde0223721baefb5df5f251888cc2456ed6\aspectjrt-1.5.3.jar<br/>
                            <b>MD5:</b>&nbsp;6b097361bf7d1643bba896eb6b9ff156<br/>
                            <b>SHA1:</b>&nbsp;080e9fde0223721baefb5df5f251888cc2456ed6
                                                                                </p>
                                                <h4 id="header11" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content11" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>aspectjrt</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>aspectj</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>aspectjrt-1.5.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>aspectj</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lang</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>reflect</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Implementation-Title</td><td>org.aspectj.tools</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Implementation-Vendor</td><td>aspectj.org</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Implementation-Version</td><td>1.5.3</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Specification-Title</td><td>AspectJ Runtime Classes </td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>aspectjrt</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>aspectj</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>AspectJ runtime</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.aspectj.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header12" class="subsectionheader white">Identifiers</h4>
                                                <div id="content12" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=aspectj/aspectjrt/1.5.3/aspectjrt-1.5.3.jar" target="_blank">aspectj:aspectjrt:1.5.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l7_4040e72d0dda6e9a03d879835cd3f70f19284c34"></a>aspectjweaver-1.5.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\aspectj\aspectjweaver\1.5.3\4040e72d0dda6e9a03d879835cd3f70f19284c34\aspectjweaver-1.5.3.jar<br/>
                            <b>MD5:</b>&nbsp;06464d01316d851e8dac161847e98f4c<br/>
                            <b>SHA1:</b>&nbsp;4040e72d0dda6e9a03d879835cd3f70f19284c34
                                                                                </p>
                                                <h4 id="header13" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content13" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>aspectjweaver</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>aspectj</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>aspectjweaver-1.5.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>aspectj</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.aspectj.weaver</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>aspectj.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.3</td></tr>
                                                                    <tr><td>Manifest</td><td>name</td><td>org/aspectj/weaver/</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>AspectJ Weaver Classes</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>aspectj.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>aspectjweaver</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>aspectj</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>AspectJ weaver</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.aspectj.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header14" class="subsectionheader white">Identifiers</h4>
                                                <div id="content14" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=aspectj/aspectjweaver/1.5.3/aspectjweaver-1.5.3.jar" target="_blank">aspectj:aspectjweaver:1.5.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l8_4da1db18947eb6950abb7ad79253011b9aec0e48"></a>avalon-framework-impl-4.2.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\avalon-framework\avalon-framework-impl\4.2.0\4da1db18947eb6950abb7ad79253011b9aec0e48\avalon-framework-impl-4.2.0.jar<br/>
                            <b>MD5:</b>&nbsp;5c1f8f5c8c6c043538fc4ea038c2aaf6<br/>
                            <b>SHA1:</b>&nbsp;4da1db18947eb6950abb7ad79253011b9aec0e48
                                                                                </p>
                                                <h4 id="header15" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content15" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>avalon-framework-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>avalon-framework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.2.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>avalon-framework-impl-4.2.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.2.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>avalon</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>framework</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>avalon-framework-impl</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td></td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.2.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Avalon Framework Implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>avalon-framework-impl</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>avalon-framework</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.2.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header16" class="subsectionheader white">Identifiers</h4>
                                                <div id="content16" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=avalon-framework/avalon-framework-impl/4.2.0/avalon-framework-impl-4.2.0.jar" target="_blank">avalon-framework:avalon-framework-impl:4.2.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l9_682f7ac17fed79e92f8e87d8455192b63376347b"></a>backport-util-concurrent-3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Dawid Kurzyniec's backport of JSR 166<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Public Domain: http://creativecommons.org/licenses/publicdomain</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\backport-util-concurrent\backport-util-concurrent\3.1\682f7ac17fed79e92f8e87d8455192b63376347b\backport-util-concurrent-3.1.jar<br/>
                            <b>MD5:</b>&nbsp;748bb0cbf4780b2e3121dc9c12e10cd9<br/>
                            <b>SHA1:</b>&nbsp;682f7ac17fed79e92f8e87d8455192b63376347b
                                                                                </p>
                                                <h4 id="header17" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content17" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>backport-util-concurrent</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>backport-util-concurrent</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>backport-util-concurrent-3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>backport</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>edu</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>emory</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mathcs</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>backport-util-concurrent</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Dawid Kurzyniec's backport of JSR 166</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>backport-util-concurrent</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Backport of JSR 166</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.mathcs.emory.edu/~dawidk/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://backport-jsr166.sourceforge.net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header18" class="subsectionheader white">Identifiers</h4>
                                                <div id="content18" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.jar" target="_blank">backport-util-concurrent:backport-util-concurrent:3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l10_14ff2dfec8578f5f6838c4d6a77a86789afe5382"></a>bcmail-jdk14-138.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Bouncy Castle Java CMS and S/MIME APIs for handling the CMS and S/MIME protocols. This jar contains CMS and S/MIME APIs for JDK 1.4. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. If the S/MIME API is used, the JavaMail API and the Java activation framework will also be needed.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Bouncy Castle Licence: http://www.bouncycastle.org/licence.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\bouncycastle\bcmail-jdk14\138\14ff2dfec8578f5f6838c4d6a77a86789afe5382\bcmail-jdk14-138.jar<br/>
                            <b>MD5:</b>&nbsp;e2c72e958b82b9373c13739c9f14009c<br/>
                            <b>SHA1:</b>&nbsp;14ff2dfec8578f5f6838c4d6a77a86789afe5382
                                                                                </p>
                                                <h4 id="header19" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content19" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bcmail-jdk14</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.38</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>138</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bcmail-jdk14-138</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>14.138</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.bouncycastle.bcmail</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.38.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bcmail-jdk14</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Bouncy Castle Java CMS and S/MIME APIs for handling the CMS and S/MIME protocols. This jar contains CMS and S/MIME APIs for JDK 1.4. The APIs can be used in conjunction with a JCE/JCA provider ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Bouncy Castle CMS and S/MIME API</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.bouncycastle.org/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.38</td></tr>
                                                            </table>
                        </div>
                                                    <h4 id="header20" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4>
                            <div id="content20" class="subsectioncontent standardsubsection hidden">
                            <ul>
                                                            <li>bcmail-jdk14-1.38.jar
                                    <ul>
                                        <li>File Path:&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.bouncycastle\bcmail-jdk14\1.38\14ff2dfec8578f5f6838c4d6a77a86789afe5382\bcmail-jdk14-1.38.jar</li>
                                        <li>SHA1:&nbsp;14ff2dfec8578f5f6838c4d6a77a86789afe5382</li>
                                        <li>MD5:&nbsp;e2c72e958b82b9373c13739c9f14009c</li>
                                                                                                                                                                                                                                            <li>maven:&nbsp;<a href="http://search.maven.org/remotecontent?filepath=bouncycastle/bcmail-jdk14/138/bcmail-jdk14-138.jar" target="_blank">bouncycastle:bcmail-jdk14:138</a>
                                                                                                </li>
                                                                                                                                                                                                                                                                                        <li>maven:&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcmail-jdk14/1.38/bcmail-jdk14-1.38.jar" target="_blank">org.bouncycastle:bcmail-jdk14:1.38</a>
                                                                                                </li>
                                                                                                                         </ul>
                                </li>
                                                        </ul>
                            </div>
                                                                                                                                                                                <h4 id="header21" class="subsectionheader white">Identifiers</h4>
                                                <div id="content21" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=bouncycastle/bcmail-jdk14/138/bcmail-jdk14-138.jar" target="_blank">bouncycastle:bcmail-jdk14:138</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcmail-jdk14/1.38/bcmail-jdk14-1.38.jar" target="_blank">org.bouncycastle:bcmail-jdk14:1.38</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l11_de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff"></a>bcprov-jdk14-138.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.4.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Bouncy Castle Licence: http://www.bouncycastle.org/licence.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\bouncycastle\bcprov-jdk14\138\de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff\bcprov-jdk14-138.jar<br/>
                            <b>MD5:</b>&nbsp;2cb031d0966bfebbdb7c60f799b24dc9<br/>
                            <b>SHA1:</b>&nbsp;de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff
                                                                                </p>
                                                <h4 id="header22" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content22" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bcprov-jdk14</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.38</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>138</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bcprov-jdk14-138</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>14.138</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.bouncycastle.bcprovider</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.38.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bcprov-jdk14</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.4.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Bouncy Castle Provider</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.bouncycastle.org/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.38</td></tr>
                                                            </table>
                        </div>
                                                    <h4 id="header23" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4>
                            <div id="content23" class="subsectioncontent standardsubsection hidden">
                            <ul>
                                                            <li>bcprov-jdk14-1.38.jar
                                    <ul>
                                        <li>File Path:&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.bouncycastle\bcprov-jdk14\1.38\de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff\bcprov-jdk14-1.38.jar</li>
                                        <li>SHA1:&nbsp;de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff</li>
                                        <li>MD5:&nbsp;2cb031d0966bfebbdb7c60f799b24dc9</li>
                                                                                                                                                                                                                                            <li>maven:&nbsp;<a href="http://search.maven.org/remotecontent?filepath=bouncycastle/bcprov-jdk14/138/bcprov-jdk14-138.jar" target="_blank">bouncycastle:bcprov-jdk14:138</a>
                                                                                                </li>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                <li>maven:&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcprov-jdk14/1.38/bcprov-jdk14-1.38.jar" target="_blank">org.bouncycastle:bcprov-jdk14:1.38</a>
                                                                                                </li>
                                                                                                                         </ul>
                                </li>
                                                        </ul>
                            </div>
                                                                                                                                                                                                                                                                                                                                                <h4 id="header24" class="subsectionheader white">Identifiers</h4>
                                                <div id="content24" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=bouncycastle/bcprov-jdk14/138/bcprov-jdk14-138.jar" target="_blank">bouncycastle:bcprov-jdk14:138</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:bouncycastle:bouncy-castle-crypto-package:14.138
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bcprov-jdk14-138.jar', 'de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff', 'cpe', 'cpe:/a:bouncycastle:bouncy-castle-crypto-package:14.138')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:bouncycastle:bouncy_castle_crypto_package:14.138
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bcprov-jdk14-138.jar', 'de366c3243a586eb3c0e2bcde1ed9bb1bfb985ff', 'cpe', 'cpe:/a:bouncycastle:bouncy_castle_crypto_package:14.138')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcprov-jdk14/1.38/bcprov-jdk14-1.38.jar" target="_blank">org.bouncycastle:bcprov-jdk14:1.38</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l12_302704f30c6e7abb7a0457f7771739e03c973e80"></a>c3p0-0.9.1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    c3p0 is an easy-to-use library for augmenting traditional (DriverManager-based) JDBC drivers with JNDI-bindable DataSources,
    including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 std extension.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">GNU LESSER GENERAL PUBLIC LICENSE: http://www.gnu.org/licenses/lgpl.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\c3p0\c3p0\0.9.1.1\302704f30c6e7abb7a0457f7771739e03c973e80\c3p0-0.9.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;640c58226e7bb6beacc8ac3f6bb533d1<br/>
                            <b>SHA1:</b>&nbsp;302704f30c6e7abb7a0457f7771739e03c973e80
                                                                                </p>
                                                <h4 id="header25" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content25" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>c3p0</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>c3p0</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.9.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>c3p0-0.9.1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.9.1.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mchange</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>v2</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>com.mchange.v2.c3p0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Machinery For Change, Inc.</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.mchange</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.9.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Machinery For Change, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>c3p0</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> c3p0 is an easy-to-use library for augmenting traditional (DriverManager-based) JDBC drivers with JNDI-bindable DataSources, including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 std extension. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>c3p0</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>c3p0:JDBC DataSources/Resource Pools</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://c3p0.sourceforge.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.9.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header26" class="subsectionheader white">Identifiers</h4>
                                                <div id="content26" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=c3p0/c3p0/0.9.1.1/c3p0-0.9.1.1.jar" target="_blank">c3p0:c3p0:0.9.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l13_d3851e366b9fe8b7d8215de0f9eb980b359d8de0"></a>cglib-2.1_3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\cglib\cglib\2.1_3\d3851e366b9fe8b7d8215de0f9eb980b359d8de0\cglib-2.1_3.jar<br/>
                            <b>MD5:</b>&nbsp;ce1dce4a5f6865fb88d4c7c2728b78ed<br/>
                            <b>SHA1:</b>&nbsp;d3851e366b9fe8b7d8215de0f9eb980b359d8de0
                                                                                </p>
                                                <h4 id="header27" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content27" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cglib</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>cglib</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1_3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cglib-2.1_3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>cglib</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>net</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sf</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cglib</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>cglib</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>cglib</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://cglib.sourceforge.net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1_3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header28" class="subsectionheader white">Identifiers</h4>
                                                <div id="content28" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=cglib/cglib/2.1_3/cglib-2.1_3.jar" target="_blank">cglib:cglib:2.1_3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l14_55615fa2582424e38705487d1d3969af8554f637"></a>xmpcore-5.1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    The XMP Library for Java is based on the C++ XMPCore library
    and the API is similar.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The BSD License: http://www.adobe.com/devnet/xmp/library/eula-xmp-library-java.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.adobe.xmp\xmpcore\5.1.2\55615fa2582424e38705487d1d3969af8554f637\xmpcore-5.1.2.jar<br/>
                            <b>MD5:</b>&nbsp;0b2cf2a09d32abdedd17de864e93ad25<br/>
                            <b>SHA1:</b>&nbsp;55615fa2582424e38705487d1d3969af8554f637
                                                                                </p>
                                                <h4 id="header29" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content29" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmpcore</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.adobe.xmp</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>5.1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmpcore-5.1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>5.1.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>adobe</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>impl</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xmp</td></tr>
                                                                    <tr><td>Manifest</td><td>builddate</td><td>03</td></tr>
                                                                    <tr><td>Manifest</td><td>builddate</td><td>2012</td></tr>
                                                                    <tr><td>Manifest</td><td>builddate</td><td>2012 Jul 03 11:48:46-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-engbuild</td><td>003</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-major</td><td>5</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-micro</td><td>1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-minor</td><td>1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Adobe XMP Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Copyright 2006-2009 Adobe Systems Incorporated. All rights reserved</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmpcore</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    The XMP Library for Java is based on the C++ XMPCore library
    and the API is similar.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>adobe.xmp</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XMP Library for Java</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.adobe.com/devnet/xmp.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>5.1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header30" class="subsectionheader white">Identifiers</h4>
                                                <div id="content30" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/adobe/xmp/xmpcore/5.1.2/xmpcore-5.1.2.jar" target="_blank">com.adobe.xmp:xmpcore:5.1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l15_47592e181b0bdbbeb63029e08c5e74f6803c4edd"></a>jcommander-1.35.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A Java framework to parse command line options with annotations.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.beust\jcommander\1.35\47592e181b0bdbbeb63029e08c5e74f6803c4edd\jcommander-1.35.jar<br/>
                            <b>MD5:</b>&nbsp;90216444fab67357c5bdf3293b47107e<br/>
                            <b>SHA1:</b>&nbsp;47592e181b0bdbbeb63029e08c5e74f6803c4edd
                                                                                </p>
                                                <h4 id="header31" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content31" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jcommander</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.beust</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.35</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jcommander-1.35</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.35</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>A Java framework to parse command line options with annotations.</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>JCommander</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.beust.jcommander</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.35.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jcommander</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A Java framework to parse command line options with annotations.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>beust</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JCommander</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://beust.com/jcommander</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.35</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header32" class="subsectionheader white">Identifiers</h4>
                                                <div id="content32" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2247592e181b0bdbbeb63029e08c5e74f6803c4edd%22" target="_blank">com.beust:jcommander:1.35</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l16_8b5057f74ea378c0150a1860874a3ebdcb713767"></a>hppc-0.7.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;High Performance Primitive Collections.
  Fundamental data structures (maps, sets, lists, stacks, queues) generated for
  combinations of object and primitive types to conserve JVM memory and speed
  up execution.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.carrotsearch\hppc\0.7.1\8b5057f74ea378c0150a1860874a3ebdcb713767\hppc-0.7.1.jar<br/>
                            <b>MD5:</b>&nbsp;2ff89be5b49144c330190cf7137c3a26<br/>
                            <b>SHA1:</b>&nbsp;8b5057f74ea378c0150a1860874a3ebdcb713767
                                                                                </p>
                                                <h4 id="header33" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content33" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hppc</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.carrotsearch</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.7.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hppc-0.7.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.7.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>carrotsearch</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hppc</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hppc</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>High Performance Primitive Collections. Fundamental data structures (maps, sets, lists, stacks, queues) generated for combinations of object and primitive types to conserve JVM memory and speed up execution.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>carrotsearch</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>HPPC Collections</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hppc-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.carrotsearch</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.7.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header34" class="subsectionheader white">Identifiers</h4>
                                                <div id="content34" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%228b5057f74ea378c0150a1860874a3ebdcb713767%22" target="_blank">com.carrotsearch:hppc:0.7.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l17_c771dba842e459b704081212c66182eb351728de"></a>metadata-extractor-2.8.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java library for extracting EXIF, IPTC, XMP, ICC and other metadata from image files.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.drewnoakes\metadata-extractor\2.8.0\c771dba842e459b704081212c66182eb351728de\metadata-extractor-2.8.0.jar<br/>
                            <b>MD5:</b>&nbsp;ad99c1e862666b05723da6d952d4df41<br/>
                            <b>SHA1:</b>&nbsp;c771dba842e459b704081212c66182eb351728de
                                                                                </p>
                                                <h4 id="header35" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content35" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>metadata-extractor</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.drewnoakes</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>metadata-extractor-2.8.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>metadata-extractor</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Drew Noakes</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.8.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>metadata-extractor</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java library for extracting EXIF, IPTC, XMP, ICC and other metadata from image files.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>drewnoakes</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>${project.groupId}:${project.artifactId}</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://drewnoakes.com/code/exif/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.8.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header36" class="subsectionheader white">Identifiers</h4>
                                                <div id="content36" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22c771dba842e459b704081212c66182eb351728de%22" target="_blank">com.drewnoakes:metadata-extractor:2.8.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l18_b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c"></a>presto-parser-0.122.jar</h3>
                    <div class="subsectioncontent">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.facebook.presto\presto-parser\0.122\b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c\presto-parser-0.122.jar<br/>
                            <b>MD5:</b>&nbsp;15f055cd6e80db11884a11877016b0c9<br/>
                            <b>SHA1:</b>&nbsp;b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c
                                                                                </p>
                                                <h4 id="header37" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content37" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>presto-parser</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.facebook.presto</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.122</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>presto-parser-0.122</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.122</td></tr>
                                                                    <tr><td>Manifest</td><td>build-time</td><td>2015-10-08T13:36:42-0700</td></tr>
                                                                    <tr><td>Manifest</td><td>git-commit-id</td><td>7d1ac0799dcfc69b3cd0df9af25569f6be127cf7</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>presto-parser</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.facebook.presto</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.122</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>presto-parser</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>presto-parser</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>facebook.presto</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>presto-parser</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>presto-root</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.facebook.presto</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.122</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header38" class="subsectionheader white">Identifiers</h4>
                                                <div id="content38" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c%22" target="_blank">com.facebook.presto:presto-parser:0.122</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Afacebook%3Afacebook" target="_blank">cpe:/a:facebook:facebook:0.122</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('presto-parser-0.122.jar', 'b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c', 'cpe', 'cpe:/a:facebook:facebook:0.122')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header39" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content39" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0660">CVE-2008-0660</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('presto-parser-0.122.jar', 'b4261cbabfd2f28b8d4d20d7e3a3d1be48bb890c', 'cve', 'CVE-2008-0660')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27576">27576</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27577">27577</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/776931">VU#776931</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2008/Feb/0023.html">20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow</a></li>
                                                                            <li>MILW0RM - <a target="_blank" href="http://www.milw0rm.com/exploits/5049">5049</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9060483">http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1019297">1019297</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0391/references">ADV-2008-0391</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0394/references">ADV-2008-0394</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs1', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs1"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afacebook%3Afacebook">cpe:/a:facebook:facebook</a> </li>
                                    <li class="vs1">...</li>
                                                                    <li class="vs1 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aaurigma%3Aimage_uploader_activex_control%3A4.5.70.0">cpe:/a:aurigma:image_uploader_activex_control:4.5.70.0</a> </li>
                                                                    <li class="vs1 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aaurigma%3Aimage_uploader_activex_control%3A4.5.126.0">cpe:/a:aurigma:image_uploader_activex_control:4.5.126.0</a> </li>
                                                                    <li class="vs1 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aaurigma%3Aimage_uploader_activex_control%3A4.6.17.0">cpe:/a:aurigma:image_uploader_activex_control:4.6.17.0</a> </li>
                                                                    <li class="vs1 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aaurigma%3Aimage_uploader_activex_control%3A5.0.10.0">cpe:/a:aurigma:image_uploader_activex_control:5.0.10.0</a> </li>
                                                                    <li class="vs1 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afacebook%3Afacebook">cpe:/a:facebook:facebook</a> </li>
                                                                    <li class="vs1 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afacebook%3Aphotouploader%3A4.5.57.0">cpe:/a:facebook:photouploader:4.5.57.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l19_d6a66c7a5f01cf500377bd669507a08cfeba882a"></a>jackson-annotations-2.4.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Core annotations used for value types, used by Jackson data binding package.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.fasterxml.jackson.core\jackson-annotations\2.4.0\d6a66c7a5f01cf500377bd669507a08cfeba882a\jackson-annotations-2.4.0.jar<br/>
                            <b>MD5:</b>&nbsp;6df1b79ec2e57d62106eb47129e4f7a3<br/>
                            <b>SHA1:</b>&nbsp;d6a66c7a5f01cf500377bd669507a08cfeba882a
                                                                                </p>
                                                <h4 id="header40" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content40" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackson-annotations</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.fasterxml.jackson.core</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.4.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackson-annotations-2.4.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.4.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Core annotations used for value types, used by Jackson data binding package.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://wiki.fasterxml.com/JacksonHome</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jackson-annotations</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-annotations</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.4.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build-date</td><td>2014-05-29 09:46:52-0700</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Jackson-annotations</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.4.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Jackson-annotations</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-annotations</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core annotations used for value types, used by Jackson data binding package.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jackson-annotations</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jackson-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.4.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://wiki.fasterxml.com/JacksonHome</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header41" class="subsectionheader white">Identifiers</h4>
                                                <div id="content41" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22d6a66c7a5f01cf500377bd669507a08cfeba882a%22" target="_blank">com.fasterxml.jackson.core:jackson-annotations:2.4.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l20_892d15011456ea3563319b27bdd612dbc89bb776"></a>jackson-core-2.6.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Core Jackson abstractions, basic JSON streaming API implementation
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.fasterxml.jackson.core\jackson-core\2.6.1\892d15011456ea3563319b27bdd612dbc89bb776\jackson-core-2.6.1.jar<br/>
                            <b>MD5:</b>&nbsp;12d86697bf26d30ba0ba94e05fe298d7<br/>
                            <b>SHA1:</b>&nbsp;892d15011456ea3563319b27bdd612dbc89bb776
                                                                                </p>
                                                <h4 id="header42" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content42" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackson-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.fasterxml.jackson.core</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackson-core-2.6.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Core Jackson abstractions, basic JSON streaming API implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jackson-core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build-date</td><td>2015-08-09 22:24:01-0700</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Jackson-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Jackson-core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core Jackson abstractions, basic JSON streaming API implementation
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jackson-core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jackson-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/FasterXML/jackson-core</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header43" class="subsectionheader white">Identifiers</h4>
                                                <div id="content43" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22892d15011456ea3563319b27bdd612dbc89bb776%22" target="_blank">com.fasterxml.jackson.core:jackson-core:2.6.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l21_8e31266a272ad25ac4c089734d93e8d811652c1f"></a>jackson-databind-2.4.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;General data-binding functionality for Jackson: works on core streaming API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.fasterxml.jackson.core\jackson-databind\2.4.2\8e31266a272ad25ac4c089734d93e8d811652c1f\jackson-databind-2.4.2.jar<br/>
                            <b>MD5:</b>&nbsp;afa5c05ef915babdc720cbe26cc91dca<br/>
                            <b>SHA1:</b>&nbsp;8e31266a272ad25ac4c089734d93e8d811652c1f
                                                                                </p>
                                                <h4 id="header44" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content44" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackson-databind</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.fasterxml.jackson.core</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.4.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackson-databind-2.4.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.4.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>General data-binding functionality for Jackson: works on core streaming API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://wiki.fasterxml.com/JacksonHome</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>jackson-databind</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-databind</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.4.2</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build-date</td><td>2014-08-13 21:22:55-0700</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>jackson-databind</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.4.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>jackson-databind</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-databind</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>General data-binding functionality for Jackson: works on core streaming API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>jackson-databind</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jackson-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.4.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://wiki.fasterxml.com/JacksonHome</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header45" class="subsectionheader white">Identifiers</h4>
                                                <div id="content45" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%228e31266a272ad25ac4c089734d93e8d811652c1f%22" target="_blank">com.fasterxml.jackson.core:jackson-databind:2.4.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l22_db0c5f1b6e16cb5f5e0505abfcd4b36f3e8bfdc6"></a>jackson-dataformat-smile-2.5.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Support for reading and writing Smile (&quot;binary JSON&quot;)
encoded data using Jackson abstractions (streaming API, data binding,
tree model)
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.fasterxml.jackson.dataformat\jackson-dataformat-smile\2.5.4\db0c5f1b6e16cb5f5e0505abfcd4b36f3e8bfdc6\jackson-dataformat-smile-2.5.4.jar<br/>
                            <b>MD5:</b>&nbsp;a3868ca8efddfec575b139f574e21dc2<br/>
                            <b>SHA1:</b>&nbsp;db0c5f1b6e16cb5f5e0505abfcd4b36f3e8bfdc6
                                                                                </p>
                                                <h4 id="header46" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content46" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackson-dataformat-smile</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.fasterxml.jackson.dataformat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackson-dataformat-smile-2.5.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.4</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Support for reading and writing Smile (&quot;binary JSON&quot;)encoded data using Jackson abstractions (streaming API, data binding,tree model)</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://wiki.fasterxml.com/JacksonForSmile</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jackson-dataformat-Smile</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.dataformat.jackson-dataformat-smile</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.4</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build-date</td><td>2015-06-09 22:10:49-0700</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Jackson-dataformat-Smile</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.dataformat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.4</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Jackson-dataformat-Smile</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-dataformat-smile</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Support for reading and writing Smile (&quot;binary JSON&quot;)
encoded data using Jackson abstractions (streaming API, data binding,
tree model) </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>fasterxml.jackson.dataformat</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jackson-dataformat-Smile</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jackson-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.5.4</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://wiki.fasterxml.com/JacksonForSmile</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header47" class="subsectionheader white">Identifiers</h4>
                                                <div id="content47" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22db0c5f1b6e16cb5f5e0505abfcd4b36f3e8bfdc6%22" target="_blank">com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.5.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l23_eb95a1eb55cb02018b8e0bc1609ce569b455ea98"></a>caffeine-1.0.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Concurrent data-structures for Java<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.github.ben-manes.caffeine\caffeine\1.0.1\eb95a1eb55cb02018b8e0bc1609ce569b455ea98\caffeine-1.0.1.jar<br/>
                            <b>MD5:</b>&nbsp;1e336552e70dffbe1e629be53e6aa78b<br/>
                            <b>SHA1:</b>&nbsp;eb95a1eb55cb02018b8e0bc1609ce569b455ea98
                                                                                </p>
                                                <h4 id="header48" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content48" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>caffeine</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.github.ben-manes.caffeine</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>caffeine-1.0.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>benmanes</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>cache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>caffeine</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>github</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>com.github.ben-manes.caffeine</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.github.ben-manes.caffeine</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>caffeine</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Concurrent data-structures for Java</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>github.ben-manes.caffeine</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Caffeine cache</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/ben-manes/caffeine</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header49" class="subsectionheader white">Identifiers</h4>
                                                <div id="content49" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/github/ben-manes/caffeine/caffeine/1.0.1/caffeine-1.0.1.jar" target="_blank">com.github.ben-manes.caffeine:caffeine:1.0.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l24_18cc717b85af0b12ba922abf415c2ff4716f8219"></a>junrar-0.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;rar decompression library in plain java<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">UnRar License: https://raw.github.com/junrar/junrar/master/license.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.github.junrar\junrar\0.7\18cc717b85af0b12ba922abf415c2ff4716f8219\junrar-0.7.jar<br/>
                            <b>MD5:</b>&nbsp;75a215b9e921044cd2c88e73f6cb9745<br/>
                            <b>SHA1:</b>&nbsp;18cc717b85af0b12ba922abf415c2ff4716f8219
                                                                                </p>
                                                <h4 id="header50" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content50" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>junrar</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.github.junrar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>junrar-0.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.7</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>https://github.com/junrar/junrar</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>junrar</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>rar decompression library in plain java</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>github.junrar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java UnRar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/junrar/junrar</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header51" class="subsectionheader white">Identifiers</h4>
                                                <div id="content51" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2218cc717b85af0b12ba922abf415c2ff4716f8219%22" target="_blank">com.github.junrar:junrar:0.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l25_6b0977602901464b056959027fdf2396050f9dd2"></a>curvesapi-1.03.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Implementation of various mathematical curves that define themselves over a set of control points. The API is written in Java. The curves supported are: Bezier, B-Spline, Cardinal Spline, Catmull-Rom Spline, Lagrange, Natural Cubic Spline, and NURBS.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">BSD License: http://opensource.org/licenses/BSD-3-Clause</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.github.virtuald\curvesapi\1.03\6b0977602901464b056959027fdf2396050f9dd2\curvesapi-1.03.jar<br/>
                            <b>MD5:</b>&nbsp;6003b993068de27f07604c84d23da5de<br/>
                            <b>SHA1:</b>&nbsp;6b0977602901464b056959027fdf2396050f9dd2
                                                                                </p>
                                                <h4 id="header52" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content52" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>curvesapi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.github.virtuald</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.03</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>curvesapi-1.03</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.03</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>graphbuilder</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>math</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>curvesapi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Implementation of various mathematical curves that define themselves over a set of control points. The API is written in Java. The curves supported are: Bezier, B-Spline, Cardinal Spline, Catmull-Rom Spline, Lagrange, Natural Cubic Spline, and NURBS.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>github.virtuald</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>curvesapi</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/virtuald/curvesapi</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.03</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header53" class="subsectionheader white">Identifiers</h4>
                                                <div id="content53" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%226b0977602901464b056959027fdf2396050f9dd2%22" target="_blank">com.github.virtuald:curvesapi:1.03</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l26_a60a5e993c98c864010053cb901b7eab25306568"></a>gson-2.2.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Google Gson library<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.google.code.gson\gson\2.2.4\a60a5e993c98c864010053cb901b7eab25306568\gson-2.2.4.jar<br/>
                            <b>MD5:</b>&nbsp;2f54fc24807a4cad7297012dd8cebf3d<br/>
                            <b>SHA1:</b>&nbsp;a60a5e993c98c864010053cb901b7eab25306568
                                                                                </p>
                                                <h4 id="header54" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content54" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>gson</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.google.code.gson</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.2.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>gson-2.2.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.2.4</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>google</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>gson</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-contactaddress</td><td>http://code.google.com/p/google-gson/</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Google Gson library</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Gson</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.gson</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.2.4</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>gson</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Google Gson library</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>google.code.gson</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Gson</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.google.com
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://code.google.com/p/google-gson/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.2.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header55" class="subsectionheader white">Identifiers</h4>
                                                <div id="content55" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/google/code/gson/gson/2.2.4/gson-2.2.4.jar" target="_blank">com.google.code.gson:gson:2.2.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l27_3a3d111be1be1b745edfa7d91678a12d7ed38709"></a>guava-21.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.google.guava\guava\21.0\3a3d111be1be1b745edfa7d91678a12d7ed38709\guava-21.0.jar<br/>
                            <b>MD5:</b>&nbsp;ddc91fd850fa6177c91aab5d4e4d1fa6<br/>
                            <b>SHA1:</b>&nbsp;3a3d111be1be1b745edfa7d91678a12d7ed38709
                                                                                </p>
                                                <h4 id="header56" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content56" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>guava</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.google.guava</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>21.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>guava-21.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>21.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/google/guava/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Guava: Google Core Libraries for Java</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.guava</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>21.0.0</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>guava</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>google.guava</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Guava: Google Core Libraries for Java</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>guava-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.google.guava</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>21.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header57" class="subsectionheader white">Identifiers</h4>
                                                <div id="content57" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223a3d111be1be1b745edfa7d91678a12d7ed38709%22" target="_blank">com.google.guava:guava:21.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l28_a10732c76bfacdbd633a7eb0f7968b1059a65dfa"></a>protobuf-java-2.5.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Protocol Buffers are a way of encoding structured data in an efficient yet
    extensible format.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">New BSD license: http://www.opensource.org/licenses/bsd-license.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.google.protobuf\protobuf-java\2.5.0\a10732c76bfacdbd633a7eb0f7968b1059a65dfa\protobuf-java-2.5.0.jar<br/>
                            <b>MD5:</b>&nbsp;a44473b98947e2a54c54e0db1387d137<br/>
                            <b>SHA1:</b>&nbsp;a10732c76bfacdbd633a7eb0f7968b1059a65dfa
                                                                                </p>
                                                <h4 id="header58" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content58" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>protobuf-java</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.google.protobuf</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>protobuf-java-2.5.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Protocol Buffers are a way of encoding structured data in an efficient yet    extensible format.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://code.google.com/p/protobuf</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Protocol Buffer Java API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.protobuf</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>protobuf-java</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>google.protobuf</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Protocol Buffer Java API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>google</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.google</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.5.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://code.google.com/p/protobuf</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header59" class="subsectionheader white">Identifiers</h4>
                                                <div id="content59" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a10732c76bfacdbd633a7eb0f7968b1059a65dfa%22" target="_blank">com.google.protobuf:protobuf-java:2.5.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l29_2287494d4f5f9f3a9a2bb6980e3f32053721b315"></a>core-3.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Core barcode encoding/decoding library<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.google.zxing\core\3.2.1\2287494d4f5f9f3a9a2bb6980e3f32053721b315\core-3.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;45e31fec1bebd17da546cf7ec329d87b<br/>
                            <b>SHA1:</b>&nbsp;2287494d4f5f9f3a9a2bb6980e3f32053721b315
                                                                                </p>
                                                <h4 id="header60" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content60" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.google.zxing</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>core-3.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>google</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>zxing</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core barcode encoding/decoding library</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>google.zxing</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ZXing Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>zxing-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.google.zxing</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header61" class="subsectionheader white">Identifiers</h4>
                                                <div id="content61" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222287494d4f5f9f3a9a2bb6980e3f32053721b315%22" target="_blank">com.google.zxing:core:3.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l30_db7b7a28b835db4717d4aaf31f5d4441887a6d46"></a>concurrentlinkedhashmap-lru-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    A high performance version of java.util.LinkedHashMap for use as a software cache.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.googlecode.concurrentlinkedhashmap\concurrentlinkedhashmap-lru\1.0\db7b7a28b835db4717d4aaf31f5d4441887a6d46\concurrentlinkedhashmap-lru-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;47f4c780c2a1f4bfc344426bf1e72882<br/>
                            <b>SHA1:</b>&nbsp;db7b7a28b835db4717d4aaf31f5d4441887a6d46
                                                                                </p>
                                                <h4 id="header62" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content62" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>concurrentlinkedhashmap-lru</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.googlecode.concurrentlinkedhashmap</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>concurrentlinkedhashmap-lru-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>concurrentlinkedhashmap</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>googlecode</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>concurrentlinkedhashmap-lru</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    A high performance version of java.util.LinkedHashMap for use as a software cache.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>googlecode.concurrentlinkedhashmap</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ConcurrentLinkedHashMap</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://code.google.com/p/concurrentlinkedhashmap</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header63" class="subsectionheader white">Identifiers</h4>
                                                <div id="content63" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22db7b7a28b835db4717d4aaf31f5d4441887a6d46%22" target="_blank">com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l31_1997520f849718ec99a92aa67c17e408e5cca32a"></a>ez-vcard-0.9.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A library that reads and writes vCards, supporting all versions of the vCard standard (2.1, 3.0, and 4.0) as well as xCard (XML-encoded vCards), hCard (HTML-encoded vCards), and jCard (JSON-encoded vCards).<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">FreeBSD License: http://opensource.org/licenses/bsd-license.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.googlecode.ez-vcard\ez-vcard\0.9.10\1997520f849718ec99a92aa67c17e408e5cca32a\ez-vcard-0.9.10.jar<br/>
                            <b>MD5:</b>&nbsp;0a1ca155833e526131774263e949b13b<br/>
                            <b>SHA1:</b>&nbsp;1997520f849718ec99a92aa67c17e408e5cca32a
                                                                                </p>
                                                <h4 id="header64" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content64" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ez-vcard</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.googlecode.ez-vcard</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.9.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ez-vcard-0.9.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.9.10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>A library that reads and writes vCards, supporting all versions of the vCard standard (2.1, 3.0, and 4.0) as well as xCard (XML-encoded vCards), hCard (HTML-encoded vCards), and jCard (JSON-encoded vCards).</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ez-vcard</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.googlecode.ez-vcard</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.9.10</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ez-vcard</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A library that reads and writes vCards, supporting all versions of the vCard standard (2.1, 3.0, and 4.0) as well as xCard (XML-encoded vCards), hCard (HTML-encoded vCards), and jCard (JSON-encoded vCards).</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>googlecode.ez-vcard</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ez-vcard</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>Michael Angstadt
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://github.com/mangstadt/ez-vcard</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.9.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header65" class="subsectionheader white">Identifiers</h4>
                                                <div id="content65" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221997520f849718ec99a92aa67c17e408e5cca32a%22" target="_blank">com.googlecode.ez-vcard:ez-vcard:0.9.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l32_c9ad4a0850ab676c5c64461a05ca524cdfff59f1"></a>json-simple-1.1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A simple Java toolkit for JSON<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.googlecode.json-simple\json-simple\1.1.1\c9ad4a0850ab676c5c64461a05ca524cdfff59f1\json-simple-1.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;5cc2c478d73e8454b4c369cee66c5bc7<br/>
                            <b>SHA1:</b>&nbsp;c9ad4a0850ab676c5c64461a05ca524cdfff59f1
                                                                                </p>
                                                <h4 id="header66" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content66" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>json-simple</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.googlecode.json-simple</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>json-simple-1.1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>A simple Java toolkit for JSON</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>JSON.simple</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.googlecode.json-simple</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>json-simple</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A simple Java toolkit for JSON</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>googlecode.json-simple</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JSON.simple</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://code.google.com/p/json-simple/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header67" class="subsectionheader white">Identifiers</h4>
                                                <div id="content67" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22c9ad4a0850ab676c5c64461a05ca524cdfff59f1%22" target="_blank">com.googlecode.json-simple:json-simple:1.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l33_cd49678784c46aa8789c060538e0154013bb421b"></a>juniversalchardet-1.0.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java port of universalchardet<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Mozilla Public License 1.1 (MPL 1.1): http://www.mozilla.org/MPL/MPL-1.1.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.googlecode.juniversalchardet\juniversalchardet\1.0.3\cd49678784c46aa8789c060538e0154013bb421b\juniversalchardet-1.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;d9ea0a9a275336c175b343f2e4cd8f27<br/>
                            <b>SHA1:</b>&nbsp;cd49678784c46aa8789c060538e0154013bb421b
                                                                                </p>
                                                <h4 id="header68" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content68" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>juniversalchardet</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.googlecode.juniversalchardet</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>juniversalchardet-1.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mozilla</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>prober</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>universalchardet</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>juniversalchardet</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java port of universalchardet</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>googlecode.juniversalchardet</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>juniversalchardet</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://juniversalchardet.googlecode.com/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header69" class="subsectionheader white">Identifiers</h4>
                                                <div id="content69" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22cd49678784c46aa8789c060538e0154013bb421b%22" target="_blank">com.googlecode.juniversalchardet:juniversalchardet:1.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l34_6d9a5c5814ec67178dd1d5a25bae874d4697a5b8"></a>isoparser-1.0.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A generic parser and writer for all ISO 14496 based files (MP4, Quicktime, DCF, PDCF, ...)
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.googlecode.mp4parser\isoparser\1.0.2\6d9a5c5814ec67178dd1d5a25bae874d4697a5b8\isoparser-1.0.2.jar<br/>
                            <b>MD5:</b>&nbsp;ea67895a456476d6848a13b41a843bd0<br/>
                            <b>SHA1:</b>&nbsp;6d9a5c5814ec67178dd1d5a25bae874d4697a5b8
                                                                                </p>
                                                <h4 id="header70" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content70" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>isoparser</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.googlecode.mp4parser</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>isoparser-1.0.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>boxes</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>googlecode</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mp4parser</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>isoparser</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A generic parser and writer for all ISO 14496 based files (MP4, Quicktime, DCF, PDCF, ...)
    </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>googlecode.mp4parser</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ISO Parser</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://code.google.com/p/mp4parser/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header71" class="subsectionheader white">Identifiers</h4>
                                                <div id="content71" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%226d9a5c5814ec67178dd1d5a25bae874d4697a5b8%22" target="_blank">com.googlecode.mp4parser:isoparser:1.0.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l35_bf17ddc1f7c0b37157f59fa0d32a46e47b07efb3"></a>owasp-java-html-sanitizer-20160628.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.googlecode.owasp-java-html-sanitizer\owasp-java-html-sanitizer\20160628.1\bf17ddc1f7c0b37157f59fa0d32a46e47b07efb3\owasp-java-html-sanitizer-20160628.1.jar<br/>
                            <b>MD5:</b>&nbsp;2ff61c91fec416dc80c2d984bce7254d<br/>
                            <b>SHA1:</b>&nbsp;bf17ddc1f7c0b37157f59fa0d32a46e47b07efb3
                                                                                </p>
                                                <h4 id="header72" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content72" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>owasp-java-html-sanitizer</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.googlecode.owasp-java-html-sanitizer</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>20160628.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>owasp-java-html-sanitizer-20160628.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>20160628.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>html</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>owasp</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>owasp-java-html-sanitizer</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>googlecode.owasp-java-html-sanitizer</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>OWASP Java HTML Sanitizer</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.googlecode.owasp-java-html-sanitizer</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>20160628.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header73" class="subsectionheader white">Identifiers</h4>
                                                <div id="content73" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22bf17ddc1f7c0b37157f59fa0d32a46e47b07efb3%22" target="_blank">com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20160628.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l36_effacd7133ab76ee54c0488dd952b177bfeb85a3"></a>jackcess-encrypt-2.1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;An add-on to the Jackcess library for handling encryption in MS Access files.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.healthmarketscience.jackcess\jackcess-encrypt\2.1.1\effacd7133ab76ee54c0488dd952b177bfeb85a3\jackcess-encrypt-2.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;afa852d0625f3ec08f5ee55a6085ed7a<br/>
                            <b>SHA1:</b>&nbsp;effacd7133ab76ee54c0488dd952b177bfeb85a3
                                                                                </p>
                                                <h4 id="header74" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content74" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackcess-encrypt</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.healthmarketscience.jackcess</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackcess-encrypt-2.1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>An add-on to the Jackcess library for handling encryption in MS Access files.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.healthmarketscience.com</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jackcess Encrypt</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.healthmarketscience.jackcess.encrypt</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.1.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackcess-encrypt</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>An add-on to the Jackcess library for handling encryption in MS Access files.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>healthmarketscience.jackcess</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jackcess Encrypt</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>openhms-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.healthmarketscience</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.1.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jackcessencrypt.sf.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header75" class="subsectionheader white">Identifiers</h4>
                                                <div id="content75" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22effacd7133ab76ee54c0488dd952b177bfeb85a3%22" target="_blank">com.healthmarketscience.jackcess:jackcess-encrypt:2.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l37_b7f61fbb78919cb851868ce177d8fe626a6b4370"></a>jackcess-2.1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A pure Java library for reading from and writing to MS Access databases.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.healthmarketscience.jackcess\jackcess\2.1.2\b7f61fbb78919cb851868ce177d8fe626a6b4370\jackcess-2.1.2.jar<br/>
                            <b>MD5:</b>&nbsp;08f01ae3bb03c73d29954d4b23e43fac<br/>
                            <b>SHA1:</b>&nbsp;b7f61fbb78919cb851868ce177d8fe626a6b4370
                                                                                </p>
                                                <h4 id="header76" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content76" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackcess</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.healthmarketscience.jackcess</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackcess-2.1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>A pure Java library for reading from and writing to MS Access databases.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.healthmarketscience.com</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jackcess</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.healthmarketscience.jackcess</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.1.2</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackcess</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A pure Java library for reading from and writing to MS Access databases.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>healthmarketscience.jackcess</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jackcess</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>openhms-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.healthmarketscience</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.1.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jackcess.sf.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header77" class="subsectionheader white">Identifiers</h4>
                                                <div id="content77" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b7f61fbb78919cb851868ce177d8fe626a6b4370%22" target="_blank">com.healthmarketscience.jackcess:jackcess:2.1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l38_198ea005f41219f038f4291f0b0e9f3259730e92"></a>icu4j-57.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    International Component for Unicode for Java (ICU4J) is a mature, widely used Java library
    providing Unicode and Globalization support
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">ICU License: http://source.icu-project.org/repos/icu/icu/trunk/LICENSE</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.ibm.icu\icu4j\57.1\198ea005f41219f038f4291f0b0e9f3259730e92\icu4j-57.1.jar<br/>
                            <b>MD5:</b>&nbsp;f9933ef5ad5b7396561cfa0988a9aac6<br/>
                            <b>SHA1:</b>&nbsp;198ea005f41219f038f4291f0b0e9f3259730e92
                                                                                </p>
                                                <h4 id="header78" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content78" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>icu4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.ibm.icu</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>57.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>icu4j-57.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>57.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ibm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>icu</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright 2000-2016, International Business Machines Corporation and others.  All Rights Reserved.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>International Components for Unicode for Java</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ICU4J</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.ibm.icu</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>57.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>International Components for Unicode for Java</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>IBM Corporation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.ibm</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>57.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>International Components for Unicode for Java</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>icu-project.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>icu4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> International Component for Unicode for Java (ICU4J) is a mature, widely used Java library providing Unicode and Globalization support </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>ibm.icu</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ICU4J</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://icu-project.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>57.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header79" class="subsectionheader white">Identifiers</h4>
                                                <div id="content79" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/ibm/icu/icu4j/57.1/icu4j-57.1.jar" target="_blank">com.ibm.icu:icu4j:57.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:icu_project:international_components_for_unicode:57.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('icu4j-57.1.jar', '198ea005f41219f038f4291f0b0e9f3259730e92', 'cpe', 'cpe:/a:icu_project:international_components_for_unicode:57.1')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l39_892bfb3e97074a61123b3b2d7caa2db112750864"></a>itext-2.1.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;iText, a free Java-PDF library<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Mozilla Public License: http://www.mozilla.org/MPL/MPL-1.1.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.lowagie\itext\2.1.7\892bfb3e97074a61123b3b2d7caa2db112750864\itext-2.1.7.jar<br/>
                            <b>MD5:</b>&nbsp;7587a618197a065eac4a453d173d4ed6<br/>
                            <b>SHA1:</b>&nbsp;892bfb3e97074a61123b3b2d7caa2db112750864
                                                                                </p>
                                                <h4 id="header80" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content80" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>itext</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.lowagie</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>itext-2.1.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.7</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lowagie</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>pdf</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>text</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>itext</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>iText, a free Java-PDF library</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>lowagie</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>iText, a Free Java-PDF library</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.lowagie.com/iText/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header81" class="subsectionheader white">Identifiers</h4>
                                                <div id="content81" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/lowagie/itext/2.1.7/itext-2.1.7.jar" target="_blank">com.lowagie:itext:2.1.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l40_ad31986653dac9cb5132ea5b2999c20b4b286255"></a>java-libpst-0.8.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A library to read PST files with java, without need for external libraries.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.pff\java-libpst\0.8.1\ad31986653dac9cb5132ea5b2999c20b4b286255\java-libpst-0.8.1.jar<br/>
                            <b>MD5:</b>&nbsp;6be27662e0b06154e5f05938937d16b7<br/>
                            <b>SHA1:</b>&nbsp;ad31986653dac9cb5132ea5b2999c20b4b286255
                                                                                </p>
                                                <h4 id="header82" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content82" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>java-libpst</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.pff</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.8.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>java-libpst-0.8.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.8.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>pff</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>java-libpst</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A library to read PST files with java, without need for external libraries.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>pff</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>java-libpst</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://code.google.com/p/java-libpst/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.8.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header83" class="subsectionheader white">Identifiers</h4>
                                                <div id="content83" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ad31986653dac9cb5132ea5b2999c20b4b286255%22" target="_blank">com.pff:java-libpst:0.8.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l41_3a3d6473a2f5d55fb31bf6c269af963fdea13b54"></a>rome-utils-1.5.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Utility classes for ROME projects<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.rometools\rome-utils\1.5.1\3a3d6473a2f5d55fb31bf6c269af963fdea13b54\rome-utils-1.5.1.jar<br/>
                            <b>MD5:</b>&nbsp;ba0f0958cbbacd734b383038c3dcb0ef<br/>
                            <b>SHA1:</b>&nbsp;3a3d6473a2f5d55fb31bf6c269af963fdea13b54
                                                                                </p>
                                                <h4 id="header84" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content84" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>rome-utils</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.rometools</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>rome-utils-1.5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>rometools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>utils</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>rome-utils</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Utility classes for ROME projects</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>rometools</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>rome-utils</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>rome-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.rometools</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://rometools.github.io/rome-utils/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header85" class="subsectionheader white">Identifiers</h4>
                                                <div id="content85" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223a3d6473a2f5d55fb31bf6c269af963fdea13b54%22" target="_blank">com.rometools:rome-utils:1.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l42_cc3489f066749bede7fc81f4e80c0d8c9534a210"></a>rome-1.5.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;All Roads Lead to ROME. ROME is a set of Atom/RSS Java utilities that make it
        easy to work in Java with most syndication formats. Today it accepts all flavors of RSS
        (0.90, 0.91, 0.92, 0.93, 0.94, 1.0 and 2.0), Atom 0.3 and Atom 1.0 feeds. Rome includes
        a set of parsers and generators for the various flavors of feeds, as well as converters
        to convert from one format to another. The parsers can give you back Java objects that
        are either specific for the format you want to work with, or a generic normalized
        SyndFeed object that lets you work on with the data without bothering about the
        underlying format.
    <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.rometools\rome\1.5.1\cc3489f066749bede7fc81f4e80c0d8c9534a210\rome-1.5.1.jar<br/>
                            <b>MD5:</b>&nbsp;07039d4b871513942d0495311947275f<br/>
                            <b>SHA1:</b>&nbsp;cc3489f066749bede7fc81f4e80c0d8c9534a210
                                                                                </p>
                                                <h4 id="header86" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content86" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>rome</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.rometools</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>rome-1.5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>rome</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.rometools</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>rome</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>rome</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>All Roads Lead to ROME. ROME is a set of Atom/RSS Java utilities that make it easy to work in Java with most syndication formats. Today it accepts all flavors of RSS (0.90, 0.91, 0.92, 0.93, 0.94, 1.0 and 2.0), Atom 0.3 and Atom 1.0 feeds. Rome includes a set of parsers and generators for the various flavors of feeds, as well as converters to convert from one format to another. The parsers can give you back Java objects that are either specific for the format you want to work with, or a generic normalized SyndFeed object that lets you work on with the data without bothering about the underlying format. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>rometools</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>rome</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>rome-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.rometools</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://rometools.github.io/rome/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header87" class="subsectionheader white">Identifiers</h4>
                                                <div id="content87" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22cc3489f066749bede7fc81f4e80c0d8c9534a210%22" target="_blank">com.rometools:rome:1.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l43_9724dd44f1abbba99c9858aa05fc91d53f59e7a5"></a>javax.mail-1.5.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;JavaMail API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">https://glassfish.java.net/public/CDDL+GPL_1_1.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.sun.mail\javax.mail\1.5.1\9724dd44f1abbba99c9858aa05fc91d53f59e7a5\javax.mail-1.5.1.jar<br/>
                            <b>MD5:</b>&nbsp;7568b973bb2e3cc6f150ad908ddf349f<br/>
                            <b>SHA1:</b>&nbsp;9724dd44f1abbba99c9858aa05fc91d53f59e7a5
                                                                                </p>
                                                <h4 id="header88" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content88" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.mail</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.sun.mail</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.mail-1.5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>JavaMail API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.oracle.com</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>JavaMail API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.sun.mail.javax.mail</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.mail</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>javax.mail</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Oracle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.sun</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>probe-provider-xml-file-names</td><td>META-INF/gfprobe-provider.xml</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>JavaMail(TM) API Design Specification</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Oracle</td></tr>
                                                                    <tr><td>Manifest (hint)</td><td>Implementation-Vendor</td><td>sun</td></tr>
                                                                    <tr><td>Manifest (hint)</td><td>specification-vendor</td><td>sun</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.mail</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>sun.mail</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JavaMail API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>all</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.sun.mail</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header89" class="subsectionheader white">Identifiers</h4>
                                                <div id="content89" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%229724dd44f1abbba99c9858aa05fc91d53f59e7a5%22" target="_blank">com.sun.mail:javax.mail:1.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Asun%3Ajavamail" target="_blank">cpe:/a:sun:javamail:1.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('javax.mail-1.5.1.jar', '9724dd44f1abbba99c9858aa05fc91d53f59e7a5', 'cpe', 'cpe:/a:sun:javamail:1.5.1')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header90" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content90" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6059">CVE-2007-6059</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('javax.mail-1.5.1.jar', '9724dd44f1abbba99c9858aa05fc91d53f59e7a5', 'cve', 'CVE-2007-6059')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>** DISPUTED **  Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service (connection pool exhaustion) via a large number of requests, resulting in a SQLNestedException.  NOTE: Sun disputes this issue, stating &quot;The report makes references to source code and files that do not exist in the mentioned products.&quot;
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2007-11/0239.html">20071116 Javamail login username and password same email problem</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs2"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Asun%3Ajavamail">cpe:/a:sun:javamail</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l44_2c8daab3471d3060d115cdcf4af2a88cb04744c1"></a>com.springsource.com.sun.syndication-0.9.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.sun.syndication\com.springsource.com.sun.syndication\0.9.0\2c8daab3471d3060d115cdcf4af2a88cb04744c1\com.springsource.com.sun.syndication-0.9.0.jar<br/>
                            <b>MD5:</b>&nbsp;1c5121f30c06d4ec0d5c68dc5e119929<br/>
                            <b>SHA1:</b>&nbsp;2c8daab3471d3060d115cdcf4af2a88cb04744c1
                                                                                </p>
                                                <h4 id="header91" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content91" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>com.springsource.com.sun.syndication-0.9.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.9.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>feed</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sun</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>syndication</td></tr>
                                                                    <tr><td>jar (hint)</td><td>package name</td><td>oracle</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ROME: RSS/Atom syndication and publishing tools</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.springsource.com.sun.syndication</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.9.0</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>rome</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>com.sun.syndication</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Sun Microsystems</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.9</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Rss and atOM utilitiEs (ROME)</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header92" class="subsectionheader white">Identifiers</h4>
                                                <div id="content92" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l45_9c137963871ba7296643806b01083e4cf1703769"></a>jaxb-impl-2.1.9.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.sun.xml.bind\jaxb-impl\2.1.9\9c137963871ba7296643806b01083e4cf1703769\jaxb-impl-2.1.9.jar<br/>
                            <b>MD5:</b>&nbsp;8f7f2e5ceca330ebfeea5db52a891f8f<br/>
                            <b>SHA1:</b>&nbsp;9c137963871ba7296643806b01083e4cf1703769
                                                                                </p>
                                                <h4 id="header93" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content93" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jaxb-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.sun.xml.bind</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1.9</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jaxb-impl-2.1.9</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.9</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bind</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sun</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>v2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>jar (hint)</td><td>package name</td><td>oracle</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>hudson-jaxb-ri-2.1-661</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>com.sun.xml.bind</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JAXB Reference Implementation </td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.sun</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.1.9</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Java Architecture for XML Binding</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>manifest: com.sun.xml.bind.v2.runtime</td><td>Implementation-Version</td><td>hudson-jaxb-ri-2.1-661</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jaxb-impl</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>sun.xml.bind</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1.9</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header94" class="subsectionheader white">Identifiers</h4>
                                                <div id="content94" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/sun/xml/bind/jaxb-impl/2.1.9/jaxb-impl-2.1.9.jar" target="_blank">com.sun.xml.bind:jaxb-impl:2.1.9</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l46_451ed219688aed5821a789428fd5e10426d11312"></a>t-digest-3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Data structure which allows accurate estimation of quantiles and related rank statistics<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.tdunning\t-digest\3.1\451ed219688aed5821a789428fd5e10426d11312\t-digest-3.1.jar<br/>
                            <b>MD5:</b>&nbsp;ba0c00142170b71bd3ae17d2d7e4e38b<br/>
                            <b>SHA1:</b>&nbsp;451ed219688aed5821a789428fd5e10426d11312
                                                                                </p>
                                                <h4 id="header95" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content95" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>t-digest</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.tdunning</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>t-digest-3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>math</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>stats</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tdunning</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>t-digest</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Data structure which allows accurate estimation of quantiles and related rank statistics</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>tdunning</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>T-Digest</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/tdunning/t-digest</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header96" class="subsectionheader white">Identifiers</h4>
                                                <div id="content96" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22451ed219688aed5821a789428fd5e10426d11312%22" target="_blank">com.tdunning:t-digest:3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l47_c43f6e6bfa79b56e04a8898a923c3cf7144dd460"></a>xstream-1.4.9.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;XStream is a serialization library from Java objects to XML and back.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://x-stream.github.io/license.html">http://x-stream.github.io/license.html</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\com.thoughtworks.xstream\xstream\1.4.9\c43f6e6bfa79b56e04a8898a923c3cf7144dd460\xstream-1.4.9.jar<br/>
                            <b>MD5:</b>&nbsp;17f5ef61f6225a86ac39fc3dab45d755<br/>
                            <b>SHA1:</b>&nbsp;c43f6e6bfa79b56e04a8898a923c3cf7144dd460
                                                                                </p>
                                                <h4 id="header97" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content97" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xstream</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.thoughtworks.xstream</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4.9</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xstream-1.4.9</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4.9</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>XStream is a serialization library from Java objects to XML and back.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://x-stream.github.io</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>XStream Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>xstream</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.4.9</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>XStream Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>XStream</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.thoughtworks.xstream</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.4.9</td></tr>
                                                                    <tr><td>Manifest</td><td>java_1_4_home</td><td>/opt/blackdown-jdk-1.4.2.03</td></tr>
                                                                    <tr><td>Manifest</td><td>java_1_5_home</td><td>/opt/sun-jdk-1.5.0.22</td></tr>
                                                                    <tr><td>Manifest</td><td>java_1_6_home</td><td>/opt/sun-jdk-1.6.0.45</td></tr>
                                                                    <tr><td>Manifest</td><td>java_1_7_home</td><td>/opt/oracle-jdk-bin-1.7.0.80</td></tr>
                                                                    <tr><td>Manifest</td><td>java_1_8_home</td><td>/opt/oracle-jdk-bin-1.8.0.74</td></tr>
                                                                    <tr><td>Manifest</td><td>java_1_9_home</td><td>/opt/oracle-jdk-bin-1.9.0.0_beta93</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>XStream Core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>XStream</td></tr>
                                                                    <tr><td>Manifest</td><td>x-build-time</td><td>2016-03-15T23:14:15Z</td></tr>
                                                                    <tr><td>Manifest</td><td>x-builder</td><td>3.3.9</td></tr>
                                                                    <tr><td>Manifest</td><td>x-builder</td><td>Maven 3.3.9</td></tr>
                                                                    <tr><td>Manifest</td><td>x-compile-source</td><td>1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>x-compile-target</td><td>1.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xstream</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>thoughtworks.xstream</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XStream Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>xstream-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.thoughtworks.xstream</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4.9</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header98" class="subsectionheader white">Identifiers</h4>
                                                <div id="content98" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22c43f6e6bfa79b56e04a8898a923c3cf7144dd460%22" target="_blank">com.thoughtworks.xstream:xstream:1.4.9</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l48_175dc721f87e4bc5cc0573f990e28c3cf9117508"></a>commons-beanutils-core-1.8.0.jar</h3>
                    <div class="subsectioncontent">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-beanutils\commons-beanutils-core\1.8.0\175dc721f87e4bc5cc0573f990e28c3cf9117508\commons-beanutils-core-1.8.0.jar<br/>
                            <b>MD5:</b>&nbsp;a33ba25ae637909a97a60ff1d1b38857<br/>
                            <b>SHA1:</b>&nbsp;175dc721f87e4bc5cc0573f990e28c3cf9117508
                                                                                </p>
                                                <h4 id="header99" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content99" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-beanutils-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-beanutils</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-beanutils-core-1.8.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>beanutils</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>commons</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons BeanUtils Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons BeanUtils Core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-beanutils-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-beanutils</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons BeanUtils Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.8.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/beanutils/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header100" class="subsectionheader white">Identifiers</h4>
                                                <div id="content100" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=commons-beanutils/commons-beanutils-core/1.8.0/commons-beanutils-core-1.8.0.jar" target="_blank">commons-beanutils:commons-beanutils-core:1.8.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons_beanutils:1.8.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-beanutils-core-1.8.0.jar', '175dc721f87e4bc5cc0573f990e28c3cf9117508', 'cpe', 'cpe:/a:apache:commons_beanutils:1.8.0')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header101" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content101" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0114">CVE-2014-0114</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('commons-beanutils-core-1.8.0.jar', '175dc721f87e4bc5cc0573f990e28c3cf9117508', 'cve', 'CVE-2014-0114')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to &quot;manipulate&quot; the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67121">67121</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0219.html">http://advisories.mageia.org/MGASA-2014-0219.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt">http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21674128">http://www-01.ibm.com/support/docview.wss?uid=swg21674128</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21674812">http://www-01.ibm.com/support/docview.wss?uid=swg21674812</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675266">http://www-01.ibm.com/support/docview.wss?uid=swg21675266</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675387">http://www-01.ibm.com/support/docview.wss?uid=swg21675387</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675689">http://www-01.ibm.com/support/docview.wss?uid=swg21675689</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675898">http://www-01.ibm.com/support/docview.wss?uid=swg21675898</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675972">http://www-01.ibm.com/support/docview.wss?uid=swg21675972</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21676091">http://www-01.ibm.com/support/docview.wss?uid=swg21676091</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21676110">http://www-01.ibm.com/support/docview.wss?uid=swg21676110</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21676303">http://www-01.ibm.com/support/docview.wss?uid=swg21676303</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21676375">http://www-01.ibm.com/support/docview.wss?uid=swg21676375</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21676931">http://www-01.ibm.com/support/docview.wss?uid=swg21676931</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677110">http://www-01.ibm.com/support/docview.wss?uid=swg21677110</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27042296">http://www-01.ibm.com/support/docview.wss?uid=swg27042296</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg21675496">http://www.ibm.com/support/docview.wss?uid=swg21675496</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html">http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://access.redhat.com/solutions/869353">https://access.redhat.com/solutions/869353</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1091938">https://bugzilla.redhat.com/show_bug.cgi?id=1091938</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1116665">https://bugzilla.redhat.com/show_bug.cgi?id=1116665</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/BEANUTILS-463">https://issues.apache.org/jira/browse/BEANUTILS-463</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2940">DSA-2940</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html">FEDORA-2014-9380</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="https://security.gentoo.org/glsa/201607-09">GLSA-201607-09</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=140119284401582&amp;w=2">HPSBGN03041</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=140801096002766&amp;w=2">HPSBMU03090</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141451023707502&amp;w=2">HPSBST03160</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2014:095">MDVSA-2014:095</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/06/15/10">[oss-security] 20140616 CVE request for commons-beanutils: 'class' property is exposed, potentially leading to RCE</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/07/08/1">[oss-security] 20140707 Re: CVE request for commons-beanutils: 'class' property is exposed, potentially leading to RCE</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/57477">57477</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/58710">58710</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/58947">58947</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59118">59118</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59228">59228</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59245">59245</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59246">59246</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59430">59430</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59464">59464</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59479">59479</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59480">59480</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59718">59718</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs3', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs3"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acommons_beanutils%3A1.9.1">cpe:/a:apache:commons_beanutils:1.9.1</a>  and all previous versions</li>
                                    <li class="vs3">...</li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acommons_beanutils%3A1.9.1">cpe:/a:apache:commons_beanutils:1.9.1</a>  and all previous versions</li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.0">cpe:/a:apache:struts:1.0</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.0.2">cpe:/a:apache:struts:1.0.2</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.1">cpe:/a:apache:struts:1.1</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.1%3Ab1">cpe:/a:apache:struts:1.1:b1</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.1%3Ab2">cpe:/a:apache:struts:1.1:b2</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.1%3Ab3">cpe:/a:apache:struts:1.1:b3</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.1%3Arc1">cpe:/a:apache:struts:1.1:rc1</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.1%3Arc2">cpe:/a:apache:struts:1.1:rc2</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.2">cpe:/a:apache:struts:1.2.2</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.4">cpe:/a:apache:struts:1.2.4</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.6">cpe:/a:apache:struts:1.2.6</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.7">cpe:/a:apache:struts:1.2.7</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.8">cpe:/a:apache:struts:1.2.8</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.9">cpe:/a:apache:struts:1.2.9</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.3.5">cpe:/a:apache:struts:1.3.5</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.3.8">cpe:/a:apache:struts:1.3.8</a> </li>
                                                                    <li class="vs3 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.3.10">cpe:/a:apache:struts:1.3.10</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l49_7a87d845ad3a155297e8f67d9008f4c1e5656b71"></a>commons-beanutils-1.9.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-beanutils\commons-beanutils\1.9.2\7a87d845ad3a155297e8f67d9008f4c1e5656b71\commons-beanutils-1.9.2.jar<br/>
                            <b>MD5:</b>&nbsp;9f298a2d65e68184f9ebaa938bc12106<br/>
                            <b>SHA1:</b>&nbsp;7a87d845ad3a155297e8f67d9008f4c1e5656b71
                                                                                </p>
                                                <h4 id="header102" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content102" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-beanutils</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-beanutils</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-beanutils-1.9.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-beanutils/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons BeanUtils</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.beanutils</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.9.2</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/BEANUTILS_1_9_2_RC1@r1597453; 2014-05-26 21:17:41+0200</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons BeanUtils</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.9.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons BeanUtils</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-beanutils</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-beanutils</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons BeanUtils</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.9.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-beanutils/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header103" class="subsectionheader white">Identifiers</h4>
                                                <div id="content103" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%227a87d845ad3a155297e8f67d9008f4c1e5656b71%22" target="_blank">commons-beanutils:commons-beanutils:1.9.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons_beanutils:1.9.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-beanutils-1.9.2.jar', '7a87d845ad3a155297e8f67d9008f4c1e5656b71', 'cpe', 'cpe:/a:apache:commons_beanutils:1.9.2')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l50_1303efbc4b181e5a58bf2e967dc156a3132b97c0"></a>commons-cli-1.3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Apache Commons CLI provides a simple API for presenting, processing and validating a command line interface.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-cli\commons-cli\1.3.1\1303efbc4b181e5a58bf2e967dc156a3132b97c0\commons-cli-1.3.1.jar<br/>
                            <b>MD5:</b>&nbsp;8d5fa2a42fef17d9034b35a9ac9cc750<br/>
                            <b>SHA1:</b>&nbsp;1303efbc4b181e5a58bf2e967dc156a3132b97c0
                                                                                </p>
                                                <h4 id="header104" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content104" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-cli</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-cli</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-cli-1.3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons CLI provides a simple API for presenting, processing and validating a command line interface.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-cli/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons CLI</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.cli</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/cli-1.3.1-RC1@r1685378; 2015-06-14 10:06:05+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons CLI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.3.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.5))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons CLI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-cli</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Apache Commons CLI provides a simple API for presenting, processing and validating a command line interface. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-cli</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons CLI</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.3.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-cli/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header105" class="subsectionheader white">Identifiers</h4>
                                                <div id="content105" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221303efbc4b181e5a58bf2e967dc156a3132b97c0%22" target="_blank">commons-cli:commons-cli:1.3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l51_4b95f4897fa13f2cd904aee711aeafc0c5295cd8"></a>commons-codec-1.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-codec\commons-codec\1.10\4b95f4897fa13f2cd904aee711aeafc0c5295cd8\commons-codec-1.10.jar<br/>
                            <b>MD5:</b>&nbsp;353cf6a2bdba09595ccfa073b78c7fcb<br/>
                            <b>SHA1:</b>&nbsp;4b95f4897fa13f2cd904aee711aeafc0c5295cd8
                                                                                </p>
                                                <h4 id="header106" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content106" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-codec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-codec</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-codec-1.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-codec/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Codec</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.codec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.10.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>trunk@r1637108; 2014-11-06 14:14:12+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Codec</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.10</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Codec</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-codec</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-codec</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Codec</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.10</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-codec/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header107" class="subsectionheader white">Identifiers</h4>
                                                <div id="content107" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%224b95f4897fa13f2cd904aee711aeafc0c5295cd8%22" target="_blank">commons-codec:commons-codec:1.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l52_8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5"></a>commons-collections-3.2.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Types that extend and augment the Java Collections Framework.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-collections\commons-collections\3.2.2\8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5\commons-collections-3.2.2.jar<br/>
                            <b>MD5:</b>&nbsp;f54a8510f834a1a57166970bfc982e94<br/>
                            <b>SHA1:</b>&nbsp;8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
                                                                                </p>
                                                <h4 id="header108" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content108" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-collections</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-collections</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.2.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-collections-3.2.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.2.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Types that extend and augment the Java Collections Framework.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/collections/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.collections</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.2.2</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/collections/</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.2.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.3))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-collections</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Types that extend and augment the Java Collections Framework.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-collections</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>3.2.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/collections/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.2.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header109" class="subsectionheader white">Identifiers</h4>
                                                <div id="content109" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%228ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5%22" target="_blank">commons-collections:commons-collections:3.2.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons_collections:3.2.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-collections-3.2.2.jar', '8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5', 'cpe', 'cpe:/a:apache:commons_collections:3.2.2')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l53_32cadde23955d7681b0d94a2715846d20b425235"></a>commons-configuration-1.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        Tools to assist in the reading of configuration/preferences files in
        various formats
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-configuration\commons-configuration\1.6\32cadde23955d7681b0d94a2715846d20b425235\commons-configuration-1.6.jar<br/>
                            <b>MD5:</b>&nbsp;b099d9f9b4b99071cc52b259308df69a<br/>
                            <b>SHA1:</b>&nbsp;32cadde23955d7681b0d94a2715846d20b425235
                                                                                </p>
                                                <h4 id="header110" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content110" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-configuration</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-configuration</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-configuration-1.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Tools to assist in the reading of configuration/preferences files in        various formats</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/configuration/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Commons Configuration</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.configuration</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons Configuration</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons Configuration</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-configuration</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Tools to assist in the reading of configuration/preferences files in various formats </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-configuration</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons Configuration</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.6</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/configuration/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header111" class="subsectionheader white">Identifiers</h4>
                                                <div id="content111" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2232cadde23955d7681b0d94a2715846d20b425235%22" target="_blank">commons-configuration:commons-configuration:1.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l54_3dec9b9c7ea9342d4dbe8c38560080d85b44a015"></a>commons-digester-1.8.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    The Digester package lets you configure an XML to Java object mapping module
    which triggers certain actions called rules whenever a particular
    pattern of nested XML elements is recognized.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-digester\commons-digester\1.8.1\3dec9b9c7ea9342d4dbe8c38560080d85b44a015\commons-digester-1.8.1.jar<br/>
                            <b>MD5:</b>&nbsp;5002ecf033f5a79e398155823badb36a<br/>
                            <b>SHA1:</b>&nbsp;3dec9b9c7ea9342d4dbe8c38560080d85b44a015
                                                                                </p>
                                                <h4 id="header112" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content112" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-digester</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-digester</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-digester-1.8.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Digester package lets you configure an XML to Java object mapping module which triggers certain actions called rules whenever a particular pattern of nested XML elements is recognized.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/digester/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Commons Digester</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.digester</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.8.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons Digester</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons Digester</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-digester</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The Digester package lets you configure an XML to Java object mapping module which triggers certain actions called rules whenever a particular pattern of nested XML elements is recognized. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-digester</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons Digester</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.8.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/digester/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header113" class="subsectionheader white">Identifiers</h4>
                                                <div id="content113" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223dec9b9c7ea9342d4dbe8c38560080d85b44a015%22" target="_blank">commons-digester:commons-digester:1.8.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l55_3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8"></a>commons-discovery-0.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Commons Discovery component is about discovering, or finding,
  implementations for pluggable interfaces.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-discovery\commons-discovery\0.5\3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8\commons-discovery-0.5.jar<br/>
                            <b>MD5:</b>&nbsp;b35120680c3a22cec7a037fce196cd97<br/>
                            <b>SHA1:</b>&nbsp;3a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8
                                                                                </p>
                                                <h4 id="header114" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content114" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-discovery</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-discovery</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-discovery-0.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Commons Discovery component is about discovering, or finding, implementations for pluggable interfaces.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/discovery/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Commons Discovery</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.discovery</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons Discovery</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons Discovery</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-discovery</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Commons Discovery component is about discovering, or finding, implementations for pluggable interfaces.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-discovery</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons Discovery</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>0.5</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/discovery/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header115" class="subsectionheader white">Identifiers</h4>
                                                <div id="content115" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223a8ac816bbe02d2f88523ef22cbf2c4abd71d6a8%22" target="_blank">commons-discovery:commons-discovery:0.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l56_c621b54583719ac0310404463d6d99db27e1052c"></a>commons-fileupload-1.3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
    file upload functionality to servlets and web applications.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-fileupload\commons-fileupload\1.3.1\c621b54583719ac0310404463d6d99db27e1052c\commons-fileupload-1.3.1.jar<br/>
                            <b>MD5:</b>&nbsp;ed8eec445e21ec7e49b86bf3cbcffcbc<br/>
                            <b>SHA1:</b>&nbsp;c621b54583719ac0310404463d6d99db27e1052c
                                                                                </p>
                                                <h4 id="header116" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content116" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-fileupload</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-fileupload</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-fileupload-1.3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-fileupload/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons FileUpload</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.fileupload</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>trunk@r1565338; 2014-02-06 17:03:20+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons FileUpload</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.3.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons FileUpload</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-fileupload</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-fileupload</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons FileUpload</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.3.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-fileupload/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header117" class="subsectionheader white">Identifiers</h4>
                                                <div id="content117" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22c621b54583719ac0310404463d6d99db27e1052c%22" target="_blank">commons-fileupload:commons-fileupload:1.3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons_fileupload:1.3.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-fileupload-1.3.1.jar', 'c621b54583719ac0310404463d6d99db27e1052c', 'cpe', 'cpe:/a:apache:commons_fileupload:1.3.1')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l57_964cd74171f427720480efdec40a7c7f6e58426a"></a>commons-httpclient-3.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;The HttpClient  component supports the client-side of RFC 1945 (HTTP/1.0)  and RFC 2616 (HTTP/1.1) , several related specifications (RFC 2109 (Cookies) , RFC 2617 (HTTP Authentication) , etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License: http://www.apache.org/licenses/LICENSE-2.0</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-httpclient\commons-httpclient\3.1\964cd74171f427720480efdec40a7c7f6e58426a\commons-httpclient-3.1.jar<br/>
                            <b>MD5:</b>&nbsp;8ad8c9229ef2d59ab9f59f7050e846a5<br/>
                            <b>SHA1:</b>&nbsp;964cd74171f427720480efdec40a7c7f6e58426a
                                                                                </p>
                                                <h4 id="header118" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content118" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-httpclient</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-httpclient</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-httpclient-3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>commons</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>httpclient</td></tr>
                                                                    <tr><td>Manifest</td><td>maven-version</td><td>1.1</td></tr>
                                                                    <tr><td>manifest: org/apache/commons/httpclient</td><td>Implementation-Title</td><td>org.apache.commons.httpclient</td></tr>
                                                                    <tr><td>manifest: org/apache/commons/httpclient</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/commons/httpclient</td><td>Implementation-Version</td><td>3.1</td></tr>
                                                                    <tr><td>manifest: org/apache/commons/httpclient</td><td>Specification-Title</td><td>Jakarta Commons HttpClient</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-httpclient</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The HttpClient component supports the client-side of RFC 1945 (HTTP/1.0) and RFC 2616 (HTTP/1.1) , several related specifications (RFC 2109 (Cookies) , RFC 2617 (HTTP Authentication) , etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-httpclient</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>HttpClient</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://jakarta.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jakarta.apache.org/httpcomponents/httpclient-3.x/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header119" class="subsectionheader white">Identifiers</h4>
                                                <div id="content119" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar" target="_blank">commons-httpclient:commons-httpclient:3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons-httpclient:3.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-httpclient-3.1.jar', '964cd74171f427720480efdec40a7c7f6e58426a', 'cpe', 'cpe:/a:apache:commons-httpclient:3.1')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:httpclient:3.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-httpclient-3.1.jar', '964cd74171f427720480efdec40a7c7f6e58426a', 'cpe', 'cpe:/a:apache:httpclient:3.1')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header120" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content120" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5262">CVE-2015-5262</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('commons-httpclient-3.1.jar', '964cd74171f427720480efdec40a7c7f6e58426a', 'cve', 'CVE-2015-5262')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1626784">http://svn.apache.org/viewvc?view=revision&revision=1626784</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1261538">https://bugzilla.redhat.com/show_bug.cgi?id=1261538</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/HTTPCLIENT-1478">https://issues.apache.org/jira/browse/HTTPCLIENT-1478</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html">FEDORA-2015-15588</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html">FEDORA-2015-15589</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html">FEDORA-2015-15590</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033743">1033743</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2769-1">USN-2769-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs4"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3.5">cpe:/a:apache:httpclient:4.3.5</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3577">CVE-2014-3577</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('commons-httpclient-3.1.jar', '964cd74171f427720480efdec40a7c7f6e58426a', 'cve', 'CVE-2014-3577')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                            </p>
                            <p>org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a &quot;CN=&quot; string in a field in the distinguished name (DN) of a certificate, as demonstrated by the &quot;foo,CN=www.apache.org&quot; string in the O field.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/69258">69258</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://access.redhat.com/solutions/1165533">https://access.redhat.com/solutions/1165533</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Aug/48">20140818 CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html">http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html</a></li>
                                                                            <li>OSVDB - <a target="_blank" href="http://www.osvdb.org/110143">110143</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1146.html">RHSA-2014:1146</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1166.html">RHSA-2014:1166</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1833.html">RHSA-2014:1833</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1834.html">RHSA-2014:1834</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1835.html">RHSA-2014:1835</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1836.html">RHSA-2014:1836</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1891.html">RHSA-2014:1891</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1892.html">RHSA-2014:1892</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0125.html">RHSA-2015:0125</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0158.html">RHSA-2015:0158</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0850.html">RHSA-2015:0850</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0851.html">RHSA-2015:0851</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1176.html">RHSA-2015:1176</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1177.html">RHSA-2015:1177</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030812">1030812</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/60466">60466</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2769-1">USN-2769-1</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/95327">apache-cve20143577-spoofing(95327)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs5', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs5"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3.4">cpe:/a:apache:httpclient:4.3.4</a>  and all previous versions</li>
                                    <li class="vs5">...</li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0">cpe:/a:apache:httpasyncclient:4.0</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Aalpha1">cpe:/a:apache:httpasyncclient:4.0:alpha1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Aalpha2">cpe:/a:apache:httpasyncclient:4.0:alpha2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Aalpha3">cpe:/a:apache:httpasyncclient:4.0:alpha3</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Abeta1">cpe:/a:apache:httpasyncclient:4.0:beta1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Abeta2">cpe:/a:apache:httpasyncclient:4.0:beta2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Abeta3">cpe:/a:apache:httpasyncclient:4.0:beta3</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0%3Abeta4">cpe:/a:apache:httpasyncclient:4.0:beta4</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpasyncclient%3A4.0.1">cpe:/a:apache:httpasyncclient:4.0.1</a>  and all previous versions</li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0">cpe:/a:apache:httpclient:4.0</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0%3Aalpha1">cpe:/a:apache:httpclient:4.0:alpha1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0%3Aalpha2">cpe:/a:apache:httpclient:4.0:alpha2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0%3Aalpha3">cpe:/a:apache:httpclient:4.0:alpha3</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0%3Aalpha4">cpe:/a:apache:httpclient:4.0:alpha4</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0%3Abeta1">cpe:/a:apache:httpclient:4.0:beta1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0%3Abeta2">cpe:/a:apache:httpclient:4.0:beta2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.0.1">cpe:/a:apache:httpclient:4.0.1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.1">cpe:/a:apache:httpclient:4.1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.1%3Aalpha1">cpe:/a:apache:httpclient:4.1:alpha1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.1%3Aalpha2">cpe:/a:apache:httpclient:4.1:alpha2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.1%3Abeta1">cpe:/a:apache:httpclient:4.1:beta1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.1.1">cpe:/a:apache:httpclient:4.1.1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.1.2">cpe:/a:apache:httpclient:4.1.2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.2">cpe:/a:apache:httpclient:4.2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.2%3Aalpha1">cpe:/a:apache:httpclient:4.2:alpha1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.2%3Abeta1">cpe:/a:apache:httpclient:4.2:beta1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.2.1">cpe:/a:apache:httpclient:4.2.1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.2.2">cpe:/a:apache:httpclient:4.2.2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.2.3">cpe:/a:apache:httpclient:4.2.3</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3">cpe:/a:apache:httpclient:4.3</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3%3Aalpha1">cpe:/a:apache:httpclient:4.3:alpha1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3%3Abeta1">cpe:/a:apache:httpclient:4.3:beta1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3%3Abeta2">cpe:/a:apache:httpclient:4.3:beta2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3.1">cpe:/a:apache:httpclient:4.3.1</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3.2">cpe:/a:apache:httpclient:4.3.2</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3.3">cpe:/a:apache:httpclient:4.3.3</a> </li>
                                                                    <li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttpclient%3A4.3.4">cpe:/a:apache:httpclient:4.3.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6153">CVE-2012-6153</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('commons-httpclient-3.1.jar', '964cd74171f427720480efdec40a7c7f6e58426a', 'cve', 'CVE-2012-6153')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field.  NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/69257">69257</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1411705">http://svn.apache.org/viewvc?view=revision&revision=1411705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://access.redhat.com/solutions/1165533">https://access.redhat.com/solutions/1165533</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1129916">https://bugzilla.redhat.com/show_bug.cgi?id=1129916</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1098.html">RHSA-2014:1098</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1833.html">RHSA-2014:1833</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1834.html">RHSA-2014:1834</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1835.html">RHSA-2014:1835</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1836.html">RHSA-2014:1836</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1891.html">RHSA-2014:1891</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1892.html">RHSA-2014:1892</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0125.html">RHSA-2015:0125</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0158.html">RHSA-2015:0158</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0850.html">RHSA-2015:0850</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0851.html">RHSA-2015:0851</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2769-1">USN-2769-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs6', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs6"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acommons-httpclient%3A4.2.2">cpe:/a:apache:commons-httpclient:4.2.2</a>  and all previous versions</li>
                                    <li class="vs6">...</li>
                                                                    <li class="vs6 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acommons-httpclient%3A4.2">cpe:/a:apache:commons-httpclient:4.2</a> </li>
                                                                    <li class="vs6 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acommons-httpclient%3A4.2.1">cpe:/a:apache:commons-httpclient:4.2.1</a> </li>
                                                                    <li class="vs6 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acommons-httpclient%3A4.2.2">cpe:/a:apache:commons-httpclient:4.2.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l58_2852e6e05fbb95076fc091f6d1780f1f8fe35e0f"></a>commons-io-2.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-io\commons-io\2.5\2852e6e05fbb95076fc091f6d1780f1f8fe35e0f\commons-io-2.5.jar<br/>
                            <b>MD5:</b>&nbsp;e2d74794fba570ec2115fb9d5b05dc9b<br/>
                            <b>SHA1:</b>&nbsp;2852e6e05fbb95076fc091f6d1780f1f8fe35e0f
                                                                                </p>
                                                <h4 id="header121" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content121" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-io</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-io</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-io-2.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-io/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons IO</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.io</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/commons-io-2.5@r1739098; 2016-04-14 09:19:54-0400</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons IO</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/proper/commons-io/</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons IO</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-io</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-io</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons IO</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.5</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-io/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header122" class="subsectionheader white">Identifiers</h4>
                                                <div id="content122" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222852e6e05fbb95076fc091f6d1780f1f8fe35e0f%22" target="_blank">commons-io:commons-io:2.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l59_0ce1edb914c94ebc388f086c6827e8bdeec71ac2"></a>commons-lang-2.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-lang\commons-lang\2.6\ce1edb914c94ebc388f086c6827e8bdeec71ac2\commons-lang-2.6.jar<br/>
                            <b>MD5:</b>&nbsp;4d5c1693079575b362edf41500630bbd<br/>
                            <b>SHA1:</b>&nbsp;0ce1edb914c94ebc388f086c6827e8bdeec71ac2
                                                                                </p>
                                                <h4 id="header123" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content123" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-lang</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-lang</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-lang-2.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/lang/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Commons Lang</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.lang</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons Lang</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons Lang</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-lang</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-lang</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons Lang</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.6</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/lang/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header124" class="subsectionheader white">Identifiers</h4>
                                                <div id="content124" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%220ce1edb914c94ebc388f086c6827e8bdeec71ac2%22" target="_blank">commons-lang:commons-lang:2.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l60_7d4cf5231d46c8524f9b9ed75bb2d1c69ab93322"></a>commons-logging-api-1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: /LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-logging\commons-logging-api\1.1\7d4cf5231d46c8524f9b9ed75bb2d1c69ab93322\commons-logging-api-1.1.jar<br/>
                            <b>MD5:</b>&nbsp;4374238076ab08e60e0d296234480837<br/>
                            <b>SHA1:</b>&nbsp;7d4cf5231d46c8524f9b9ed75bb2d1c69ab93322
                                                                                </p>
                                                <h4 id="header125" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content125" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-logging-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-logging</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-logging-api-1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>commons</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>impl</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>logging</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.commons.logging</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Jakarta Commons Logging</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Jakarta Commons Logging</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-logging-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Commons Logging is a thin adapter allowing configurable bridging to other, well known logging systems.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-logging</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Logging</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://jakarta.apache.org
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jakarta.apache.org/commons/logging/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header126" class="subsectionheader white">Identifiers</h4>
                                                <div id="content126" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar" target="_blank">commons-logging:commons-logging-api:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l61_4bfc12adfe4842bf07b657f0369c4cb522955686"></a>commons-logging-1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-logging\commons-logging\1.2\4bfc12adfe4842bf07b657f0369c4cb522955686\commons-logging-1.2.jar<br/>
                            <b>MD5:</b>&nbsp;040b4b4d8eac886f6b4a2a3bd2f31b00<br/>
                            <b>SHA1:</b>&nbsp;4bfc12adfe4842bf07b657f0369c4cb522955686
                                                                                </p>
                                                <h4 id="header127" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content127" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-logging</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-logging</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-logging-1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons Logging is a thin adapter allowing configurable bridging to other, well known logging systems.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-logging/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Logging</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.logging</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Logging</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Logging</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-logging</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Commons Logging is a thin adapter allowing configurable bridging to other, well known logging systems.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-logging</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Logging</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-logging/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header128" class="subsectionheader white">Identifiers</h4>
                                                <div id="content128" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%224bfc12adfe4842bf07b657f0369c4cb522955686%22" target="_blank">commons-logging:commons-logging:1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l62_cd0d5510908225f76c5fe5a3f1df4fa44866f81e"></a>commons-net-3.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
Apache Commons Net library contains a collection of network utilities and protocol implementations.
Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-net\commons-net\3.3\cd0d5510908225f76c5fe5a3f1df4fa44866f81e\commons-net-3.3.jar<br/>
                            <b>MD5:</b>&nbsp;c077ca61598e9c21f43f8b6488fbbee9<br/>
                            <b>SHA1:</b>&nbsp;cd0d5510908225f76c5fe5a3f1df4fa44866f81e
                                                                                </p>
                                                <h4 id="header129" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content129" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-net</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-net</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-net-3.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons Net library contains a collection of network utilities and protocol implementations.Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-net/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Commons Net</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.net</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>trunk@r1490851; 2013-06-07 23:49:06+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons Net</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons Net</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-net</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
Apache Commons Net library contains a collection of network utilities and protocol implementations.
Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-net</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons Net</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>3.3</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header130" class="subsectionheader white">Identifiers</h4>
                                                <div id="content130" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22cd0d5510908225f76c5fe5a3f1df4fa44866f81e%22" target="_blank">commons-net:commons-net:3.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l63_86d05a46e8f064b300657f751b5a98c62807e2a0"></a>commons-validator-1.5.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Apache Commons Validator provides the building blocks for both client side validation and server side data validation.
    It may be used standalone or with a framework like Struts.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\commons-validator\commons-validator\1.5.1\86d05a46e8f064b300657f751b5a98c62807e2a0\commons-validator-1.5.1.jar<br/>
                            <b>MD5:</b>&nbsp;67fad26aa0c1e884a6aa4249a6126a88<br/>
                            <b>SHA1:</b>&nbsp;86d05a46e8f064b300657f751b5a98c62807e2a0
                                                                                </p>
                                                <h4 id="header131" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content131" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-validator</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>commons-validator</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-validator-1.5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons Validator provides the building blocks for both client side validation and server side data validation. It may be used standalone or with a framework ...</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-validator/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Validator</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.validator</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/VALIDATOR_1_5_1_RC2@r1740857; 2016-04-25 17:32:34+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Validator</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/proper/commons-validator/</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Validator</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-validator</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Apache Commons Validator provides the building blocks for both client side validation and server side data validation. It may be used standalone or with a framework ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-validator</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Validator</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.5.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-validator/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header132" class="subsectionheader white">Identifiers</h4>
                                                <div id="content132" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2286d05a46e8f064b300657f751b5a98c62807e2a0%22" target="_blank">commons-validator:commons-validator:1.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l64_f62cb75ed52455a9e68d1d05b84c500673340eb2"></a>boilerpipe-1.1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The boilerpipe library provides algorithms to detect and remove the surplus &quot;clutter&quot; (boilerplate, templates) around the main textual content of a web page.

The library already provides specific strategies for common tasks (for example: news article extraction) and may also be easily extended for individual problem settings.

Extracting content is very fast (milliseconds), just needs the input document (no global or site-level information required) and is usually quite accurate.

Boilerpipe is a Java library written by Christian Kohlsch&uuml;tter. It is released under the Apache License 2.0.

The algorithms used by the library are based on (and extending) some concepts of the paper &quot;Boilerplate Detection using Shallow Text Features&quot; by Christian Kohlsch&uuml;tter et al., presented at WSDM 2010 -- The Third ACM International Conference on Web Search and Data Mining New York City, NY USA.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License 2.0</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\de.l3s.boilerpipe\boilerpipe\1.1.0\f62cb75ed52455a9e68d1d05b84c500673340eb2\boilerpipe-1.1.0.jar<br/>
                            <b>MD5:</b>&nbsp;0616568083786d0f49e2cb07a5d09fe4<br/>
                            <b>SHA1:</b>&nbsp;f62cb75ed52455a9e68d1d05b84c500673340eb2
                                                                                </p>
                                                <h4 id="header133" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content133" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>boilerpipe</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>de.l3s.boilerpipe</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>boilerpipe-1.1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>boilerpipe</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>de</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>l3s</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>boilerpipe</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The boilerpipe library provides algorithms to detect and remove the surplus &quot;clutter&quot; (boilerplate, templates) around the main textual content of a web page. The library already provides specific strategies for common tasks (for example: news article extraction) and may also be easily extended for individual problem settings. Extracting content is very fast (milliseconds), just needs the input document (no global or site-level information required) and is usually quite accurate. Boilerpipe is a Java library written by Christian Kohlsch&uuml;tter. It is released under the Apache License 2.0. The algorithms used by the library are based on (and extending) some concepts of the paper &quot;Boilerplate Detection using Shallow Text Features&quot; by Christian Kohlsch&uuml;tter et al., presented at WSDM 2010 -- The Third ACM International Conference on Web Search and Data Mining New York City, NY USA. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>de.l3s.boilerpipe</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Boilerpipe -- Boilerplate Removal and Fulltext Extraction from HTML pages</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://code.google.com/p/boilerpipe/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header134" class="subsectionheader white">Identifiers</h4>
                                                <div id="content134" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=de/l3s/boilerpipe/boilerpipe/1.1.0/boilerpipe-1.1.0.jar" target="_blank">de.l3s.boilerpipe:boilerpipe:1.1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l65_97958467acef4c2b230b72354a4eefc66628dd99"></a>juel-impl-2.2.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\de.odysseus.juel\juel-impl\2.2.7\97958467acef4c2b230b72354a4eefc66628dd99\juel-impl-2.2.7.jar<br/>
                            <b>MD5:</b>&nbsp;c5d7a62edafb5706b6beadbbcfd8f57d<br/>
                            <b>SHA1:</b>&nbsp;97958467acef4c2b230b72354a4eefc66628dd99
                                                                                </p>
                                                <h4 id="header135" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content135" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>juel-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>de.odysseus.juel</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.2.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>juel-impl-2.2.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.2.7</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>de</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>el</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>odysseus</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tree</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Expression Language Implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>de.odysseus.juel-impl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.2.7</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JUEL</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Odysseus Software GmbH</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>de.odysseus</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.2.7</td></tr>
                                                                    <tr><td>Manifest</td><td>service-component</td><td>OSGI-INF/services.xml</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Expression Language</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>juel-impl</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>de.odysseus.juel</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java Unified Expression Language Implementation</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>juel-parent</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.2.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header136" class="subsectionheader white">Identifiers</h4>
                                                <div id="content136" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=de/odysseus/juel/juel-impl/2.2.7/juel-impl-2.2.7.jar" target="_blank">de.odysseus.juel:juel-impl:2.2.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l66_ca146332a93720784f24a5a24bb71c6d545133bd"></a>juel-spi-2.2.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\de.odysseus.juel\juel-spi\2.2.7\ca146332a93720784f24a5a24bb71c6d545133bd\juel-spi-2.2.7.jar<br/>
                            <b>MD5:</b>&nbsp;a4df3c8482a97ae937081b7d0ab407bb<br/>
                            <b>SHA1:</b>&nbsp;ca146332a93720784f24a5a24bb71c6d545133bd
                                                                                </p>
                                                <h4 id="header137" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content137" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>juel-spi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>de.odysseus.juel</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.2.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>juel-spi-2.2.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.2.7</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JUEL</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Odysseus Software GmbH</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>de.odysseus</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.2.7</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Expression Language</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>juel-spi</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>de.odysseus.juel</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java Unified Expression Language Service Provider</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>juel-parent</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.2.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header138" class="subsectionheader white">Identifiers</h4>
                                                <div id="content138" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=de/odysseus/juel/juel-spi/2.2.7/juel-spi-2.2.7.jar" target="_blank">de.odysseus.juel:juel-spi:2.2.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l67_5d3ccc056b6f056dbf0dddfdf43894b9065a8f94"></a>dom4j-1.6.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;dom4j: the flexible XML framework for Java<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\dom4j\dom4j\1.6.1\5d3ccc056b6f056dbf0dddfdf43894b9065a8f94\dom4j-1.6.1.jar<br/>
                            <b>MD5:</b>&nbsp;4d8f51d3fe3900efc6e395be48030d6d<br/>
                            <b>SHA1:</b>&nbsp;5d3ccc056b6f056dbf0dddfdf43894b9065a8f94
                                                                                </p>
                                                <h4 id="header139" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content139" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>dom4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>dom4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>dom4j-1.6.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom4j</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>dom4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.dom4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>MetaStuff Ltd.</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.6.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>dom4j : XML framework for Java</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>MetaStuff Ltd.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>dom4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>dom4j: the flexible XML framework for Java</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>dom4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>dom4j</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://sourceforge.net/projects/dom4j
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://dom4j.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header140" class="subsectionheader white">Identifiers</h4>
                                                <div id="content140" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=dom4j/dom4j/1.6.1/dom4j-1.6.1.jar" target="_blank">dom4j:dom4j:1.6.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l68_af1748a3d024069cb7fd3fc2591efe806c914589"></a>cdm-4.5.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    The NetCDF-Java Library is a Java interface to NetCDF files,
    as well as to many other types of scientific data formats.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\edu.ucar\cdm\4.5.5\af1748a3d024069cb7fd3fc2591efe806c914589\cdm-4.5.5.jar<br/>
                            <b>MD5:</b>&nbsp;7770c86aabbd0ec5e12ed1f0600d5492<br/>
                            <b>SHA1:</b>&nbsp;af1748a3d024069cb7fd3fc2591efe806c914589
                                                                                </p>
                                                <h4 id="header141" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content141" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cdm</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cdm-4.5.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>20150306.1537</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>CDM core library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>UCAR/Unidata</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>edu.ucar</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.5.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cdm</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The NetCDF-Java Library is a Java interface to NetCDF files, as well as to many other types of scientific data formats. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>CDM core library</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>thredds-parent</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.unidata.ucar.edu/software/netcdf-java/documentation.htm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header142" class="subsectionheader white">Identifiers</h4>
                                                <div id="content142" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22af1748a3d024069cb7fd3fc2591efe806c914589%22" target="_blank">edu.ucar:cdm:4.5.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l69_cfe552910e9a8d57ce71134796abb281a74ead16"></a>grib-4.5.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Decoder for the GRIB format.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\edu.ucar\grib\4.5.5\cfe552910e9a8d57ce71134796abb281a74ead16\grib-4.5.5.jar<br/>
                            <b>MD5:</b>&nbsp;0cb80276d8ea89cacc1d5632dbf39fe9<br/>
                            <b>SHA1:</b>&nbsp;cfe552910e9a8d57ce71134796abb281a74ead16
                                                                                </p>
                                                <h4 id="header143" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content143" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>grib</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>grib-4.5.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>20150306.1537</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>GRIB IOSP and Feature Collection</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>UCAR/Unidata</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>edu.ucar</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.5.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>grib</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    Decoder for the GRIB format.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>GRIB IOSP and Feature Collection</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>thredds-parent</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.unidata.ucar.edu/software/netcdf-java/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header144" class="subsectionheader white">Identifiers</h4>
                                                <div id="content144" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22cfe552910e9a8d57ce71134796abb281a74ead16%22" target="_blank">edu.ucar:grib:4.5.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l70_ee5f217be599e5e03f7f0e55e03f9e721a154f62"></a>httpservices-4.5.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\edu.ucar\httpservices\4.5.5\ee5f217be599e5e03f7f0e55e03f9e721a154f62\httpservices-4.5.5.jar<br/>
                            <b>MD5:</b>&nbsp;c5207827b8b7e6045b2af7e1e8c5b1d4<br/>
                            <b>SHA1:</b>&nbsp;ee5f217be599e5e03f7f0e55e03f9e721a154f62
                                                                                </p>
                                                <h4 id="header145" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content145" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>httpservices</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>httpservices-4.5.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>20150306.1537</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>HttpClient Wrappers</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>UCAR/Unidata</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>edu.ucar</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.5.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>httpservices</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>HttpClient Wrappers</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>thredds-parent</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.unidata.ucar.edu/software/netcdf-java/documentation.htm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header146" class="subsectionheader white">Identifiers</h4>
                                                <div id="content146" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ee5f217be599e5e03f7f0e55e03f9e721a154f62%22" target="_blank">edu.ucar:httpservices:4.5.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l71_b857c9bdf12fe17d8ef98218eaa39e6a0c6ff493"></a>jj2000-5.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Fork of jpeg2k code from https://code.google.com/p/jj2000/.
		This is a dependency for support of compression in Grib2 files in netCDF-java and TDS.
		We welcome bug fixes and other contributions to this code.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\edu.ucar\jj2000\5.2\b857c9bdf12fe17d8ef98218eaa39e6a0c6ff493\jj2000-5.2.jar<br/>
                            <b>MD5:</b>&nbsp;61bc76a853403e6566975699194ab981<br/>
                            <b>SHA1:</b>&nbsp;b857c9bdf12fe17d8ef98218eaa39e6a0c6ff493
                                                                                </p>
                                                <h4 id="header147" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content147" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jj2000</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>5.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jj2000-5.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>5.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>j2k</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jj2000</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jj2000</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Fork of jpeg2k code from https://code.google.com/p/jj2000/. This is a dependency for support of compression in Grib2 files in netCDF-java and TDS. We welcome bug fixes and other contributions to this code.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Unidata jj2000</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/Unidata/jj2000</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>5.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header148" class="subsectionheader white">Identifiers</h4>
                                                <div id="content148" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b857c9bdf12fe17d8ef98218eaa39e6a0c6ff493%22" target="_blank">edu.ucar:jj2000:5.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l72_0675d63ecc857c50dd50858011b670160aa30b62"></a>netcdf4-4.5.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\edu.ucar\netcdf4\4.5.5\675d63ecc857c50dd50858011b670160aa30b62\netcdf4-4.5.5.jar<br/>
                            <b>MD5:</b>&nbsp;5f14df469295650fd65748a003c9ba56<br/>
                            <b>SHA1:</b>&nbsp;0675d63ecc857c50dd50858011b670160aa30b62
                                                                                </p>
                                                <h4 id="header149" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content149" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>netcdf4</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>netcdf4-4.5.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>20150306.1537</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>netCDF-4 IOSP JNI connection to C library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>UCAR/Unidata</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>edu.ucar</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.5.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>netcdf4</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>netCDF-4 IOSP JNI connection to C library</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>thredds-parent</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header150" class="subsectionheader white">Identifiers</h4>
                                                <div id="content150" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%220675d63ecc857c50dd50858011b670160aa30b62%22" target="_blank">edu.ucar:netcdf4:4.5.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l73_d8c8d65ade13666eedcf764889c69321c247f153"></a>udunits-4.5.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The ucar.units Java package is for decoding and encoding
    formatted unit specifications (e.g. &quot;m/s&quot;), converting numeric values
    between compatible units (e.g. between &quot;m/s&quot; and &quot;knot&quot;), and for
    performing arithmetic operations on units (e.g. dividing one unit by
    another, raising a unit to a power).<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\edu.ucar\udunits\4.5.5\d8c8d65ade13666eedcf764889c69321c247f153\udunits-4.5.5.jar<br/>
                            <b>MD5:</b>&nbsp;025ffadf77de73601443c8262c995df0<br/>
                            <b>SHA1:</b>&nbsp;d8c8d65ade13666eedcf764889c69321c247f153
                                                                                </p>
                                                <h4 id="header151" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content151" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>udunits</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>udunits-4.5.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.5</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>20150306.1537</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>udunits</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>UCAR/Unidata</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>edu.ucar</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.5.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>udunits</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The ucar.units Java package is for decoding and encoding formatted unit specifications (e.g. &quot;m/s&quot;), converting numeric values between compatible units (e.g. between &quot;m/s&quot; and &quot;knot&quot;), and for performing arithmetic operations on units (e.g. dividing one unit by another, raising a unit to a power).</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>edu.ucar</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>udunits</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>thredds-parent</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.unidata.ucar.edu/software/udunits//</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header152" class="subsectionheader white">Identifiers</h4>
                                                <div id="content152" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22d8c8d65ade13666eedcf764889c69321c247f153%22" target="_blank">edu.ucar:udunits:4.5.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l74_159a81631ed2cc1bc865f3d8e51239c9e8a20bea"></a>slice-0.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Library for efficiently working with heap and off-heap memory<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\io.airlift\slice\0.10\159a81631ed2cc1bc865f3d8e51239c9e8a20bea\slice-0.10.jar<br/>
                            <b>MD5:</b>&nbsp;a2c82d7e0ef14f52168354c14d72098f<br/>
                            <b>SHA1:</b>&nbsp;159a81631ed2cc1bc865f3d8e51239c9e8a20bea
                                                                                </p>
                                                <h4 id="header153" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content153" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>slice</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>io.airlift</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>slice-0.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.10</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>slice</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>io.airlift</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.10</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>slice</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>slice</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Library for efficiently working with heap and off-heap memory</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>io.airlift</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>slice</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>airbase</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>0.10</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/airlift/slice</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header154" class="subsectionheader white">Identifiers</h4>
                                                <div id="content154" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22159a81631ed2cc1bc865f3d8e51239c9e8a20bea%22" target="_blank">io.airlift:slice:0.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l75_e6cb541461c2834bdea3eb920f1884d1eb508b50"></a>activation-1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    JavaBeans Activation Framework (JAF) is a standard extension to the Java platform that lets you take advantage of standard services to: determine the type of an arbitrary piece of data; encapsulate access to it; discover the operations available on it; and instantiate the appropriate bean to perform the operation(s).
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Common Development and Distribution License (CDDL) v1.0: https://glassfish.dev.java.net/public/CDDLv1.0.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.activation\activation\1.1\e6cb541461c2834bdea3eb920f1884d1eb508b50\activation-1.1.jar<br/>
                            <b>MD5:</b>&nbsp;8ae38e87cd4f86059c0294a8fe3e0b18<br/>
                            <b>SHA1:</b>&nbsp;e6cb541461c2834bdea3eb920f1884d1eb508b50
                                                                                </p>
                                                <h4 id="header155" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content155" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>activation</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.activation</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>activation-1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>activation</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.activation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.sun</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>JavaBeans(TM) Activation Framework Specification</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>activation</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JavaBeans Activation Framework (JAF) is a standard extension to the Java platform that lets you take advantage of standard services to: determine the type of an arbitrary piece of data; encapsulate access to it; discover the operations available on it; and instantiate the appropriate bean to perform the operation(s). </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.activation</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JavaBeans Activation Framework (JAF)</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://java.sun.com/products/javabeans/jaf/index.jsp</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header156" class="subsectionheader white">Identifiers</h4>
                                                <div id="content156" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=javax/activation/activation/1.1/activation-1.1.jar" target="_blank">javax.activation:activation:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l76_479c1e06db31c432330183f5cae684163f186146"></a>javax.annotation-api-1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Common Annotations for the JavaTM Platform API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.annotation\javax.annotation-api\1.2\479c1e06db31c432330183f5cae684163f186146\javax.annotation-api-1.2.jar<br/>
                            <b>MD5:</b>&nbsp;75fe320d2b3763bd6883ae1ede35e987<br/>
                            <b>SHA1:</b>&nbsp;479c1e06db31c432330183f5cae684163f186146
                                                                                </p>
                                                <h4 id="header157" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content157" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.annotation-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.annotation</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.annotation-api-1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java(TM) Common Annotations 1.2 API Design Specification</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>https://glassfish.java.net</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>javax.annotation API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.annotation-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.annotation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>GlassFish Community</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.glassfish</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.annotation-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Common Annotations for the JavaTM Platform API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.annotation</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>${extension.name} API</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>https://glassfish.java.net
    </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>net.java</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jcp.org/en/jsr/detail?id=250</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header158" class="subsectionheader white">Identifiers</h4>
                                                <div id="content158" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22479c1e06db31c432330183f5cae684163f186146%22" target="_blank">javax.annotation:javax.annotation-api:1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l77_8c0c970b8deae5054ff0bf4b17979c8181a506d3"></a>javax.el-api-3.0.1-b04.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Expression Language 3.0 API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.el\javax.el-api\3.0.1-b04\8c0c970b8deae5054ff0bf4b17979c8181a506d3\javax.el-api-3.0.1-b04.jar<br/>
                            <b>MD5:</b>&nbsp;fe9f96efeb44172a4e8a54a81c93f39d<br/>
                            <b>SHA1:</b>&nbsp;8c0c970b8deae5054ff0bf4b17979c8181a506d3
                                                                                </p>
                                                <h4 id="header159" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content159" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.el-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.el</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.1-b04</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.el-api-3.0.1-b04</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.1.b04</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Expression Language 3.0 API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://glassfish.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Expression Language 3.0 API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.el-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.0</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.el</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0.1-b04</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.el-api</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.el</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Expression Language 3.0 API</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://glassfish.org
    </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>net.java</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>3.0.1-b04</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://uel.java.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.1-b04</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header160" class="subsectionheader white">Identifiers</h4>
                                                <div id="content160" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aoracle%3Aglassfish" target="_blank">cpe:/a:oracle:glassfish:3.0.1.b04</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('javax.el-api-3.0.1-b04.jar', '8c0c970b8deae5054ff0bf4b17979c8181a506d3', 'cpe', 'cpe:/a:oracle:glassfish:3.0.1.b04')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%228c0c970b8deae5054ff0bf4b17979c8181a506d3%22" target="_blank">javax.el:javax.el-api:3.0.1-b04</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header161" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content161" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2808">CVE-2015-2808</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('javax.el-api-3.0.1-b04.jar', '8c0c970b8deae5054ff0bf4b17979c8181a506d3', 'cve', 'CVE-2015-2808')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-310 Cryptographic Issues
                            </p>
                            <p>The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the &quot;Bar Mitzvah&quot; issue.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888">IV71888</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892">IV71892</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/73684">73684</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/91787">91787</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034">http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10727">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21883640">http://www-01.ibm.com/support/docview.wss?uid=swg21883640</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-304.ibm.com/support/docview.wss?uid=swg21903565">http://www-304.ibm.com/support/docview.wss?uid=swg21903565</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-304.ibm.com/support/docview.wss?uid=swg21960015">http://www-304.ibm.com/support/docview.wss?uid=swg21960015</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-304.ibm.com/support/docview.wss?uid=swg21960769">http://www-304.ibm.com/support/docview.wss?uid=swg21960769</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.huawei.com/en/psirt/security-advisories/hw-454055">http://www.huawei.com/en/psirt/security-advisories/hw-454055</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html">http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html">http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm">http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10163">https://kc.mcafee.com/corporate/index?page=content&id=SB10163</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709">https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3339">DSA-3339</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="https://security.gentoo.org/glsa/201512-10">GLSA-201512-10</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143456209711959&amp;w=2">HPSBGN03338</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143629738517220&amp;w=2">HPSBGN03352</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143629696317098&amp;w=2">HPSBGN03354</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144060576831314&amp;w=2">HPSBGN03399</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144069189622016&amp;w=2">HPSBGN03402</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144104565600964&amp;w=2">HPSBGN03403</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144060606031437&amp;w=2">HPSBGN03405</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144102017024820&amp;w=2">HPSBGN03407</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144059660127919&amp;w=2">HPSBGN03414</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144059703728085&amp;w=2">HPSBGN03415</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144043644216842&amp;w=2">HPSBMU03345</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144104533800819&amp;w=2">HPSBMU03401</a></li>
                                                                            <li>HP - <a target="_blank" href="https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04708650">SSRT102102</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143818140118771&amp;w=2">SSRT102127</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143817899717054&amp;w=2">SSRT102129</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143817021313142&amp;w=2">SSRT102133</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143741441012338&amp;w=2">SSRT102150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144493176821532&amp;w=2">SSRT102254</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf">https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1006.html">RHSA-2015:1006</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1007.html">RHSA-2015:1007</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1020.html">RHSA-2015:1020</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1021.html">RHSA-2015:1021</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1091.html">RHSA-2015:1091</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-1526.html">RHSA-2015:1526</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032599">1032599</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032707">1032707</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032708">1032708</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032734">1032734</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032788">1032788</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032858">1032858</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032868">1032868</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033386">1033386</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033415">1033415</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033431">1033431</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033432">1033432</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033737">1033737</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033769">1033769</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html">SUSE-SU-2015:1073</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html">SUSE-SU-2015:1085</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html">SUSE-SU-2015:1086</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html">SUSE-SU-2015:1138</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html">SUSE-SU-2015:1161</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html">SUSE-SU-2015:1319</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html">SUSE-SU-2015:1320</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html">SUSE-SU-2015:2166</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html">SUSE-SU-2015:2192</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html">SUSE-SU-2016:0113</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html">openSUSE-SU-2015:1288</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html">openSUSE-SU-2015:1289</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2696-1">USN-2696-1</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2706-1">USN-2706-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs7', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs7"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Aglassfish">cpe:/a:oracle:glassfish</a> </li>
                                    <li class="vs7">...</li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapple%3Asafari">cpe:/a:apple:safari</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Achrome%3A-">cpe:/a:google:chrome:-</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Awebsphere_application_server">cpe:/a:ibm:websphere_application_server</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ajboss%3Ajboss_enterprise_application_server">cpe:/a:jboss:jboss_enterprise_application_server</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aie">cpe:/a:microsoft:ie</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aiis">cpe:/a:microsoft:iis</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amozilla%3Afirefox">cpe:/a:mozilla:firefox</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aopera%3Aopera_browser%3A-">cpe:/a:opera:opera_browser:-</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Aglassfish">cpe:/a:oracle:glassfish</a> </li>
                                                                    <li class="vs7 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Asun%3Aglassfish_enterprise_server">cpe:/a:sun:glassfish_enterprise_server</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566">CVE-2013-2566</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('javax.el-api-3.0.1-b04.jar', '8c0c970b8deae5054ff0bf4b17979c8181a506d3', 'cve', 'CVE-2013-2566')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-310 Cryptographic Issues
                            </p>
                            <p>The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/58796">58796</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4">http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mozilla.org/security/announce/2013/mfsa2013-103.html">http://www.mozilla.org/security/announce/2013/mfsa2013-103.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.opera.com/docs/changelogs/unified/1215/">http://www.opera.com/docs/changelogs/unified/1215/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.opera.com/security/advisory/1046">http://www.opera.com/security/advisory/1046</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html">http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201406-19.xml">GLSA-201406-19</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="https://security.gentoo.org/glsa/201504-01">GLSA-201504-01</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=143039468003789&amp;w=2">SSRT102035</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html">http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://cr.yp.to/talks/2013.03.12/slides.pdf">http://cr.yp.to/talks/2013.03.12/slides.pdf</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.isg.rhul.ac.uk/tls/">http://www.isg.rhul.ac.uk/tls/</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2031-1">USN-2031-1</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2032-1">USN-2032-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs8', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs8"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Aglassfish">cpe:/a:oracle:glassfish</a> </li>
                                    <li class="vs8">...</li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapple%3Asafari">cpe:/a:apple:safari</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Achrome%3A-">cpe:/a:google:chrome:-</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Awebsphere_application_server">cpe:/a:ibm:websphere_application_server</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ajboss%3Ajboss_enterprise_application_server">cpe:/a:jboss:jboss_enterprise_application_server</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aie">cpe:/a:microsoft:ie</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Aiis">cpe:/a:microsoft:iis</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amozilla%3Afirefox">cpe:/a:mozilla:firefox</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aopera%3Aopera_browser%3A-">cpe:/a:opera:opera_browser:-</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Aglassfish">cpe:/a:oracle:glassfish</a> </li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Asparc-opl_service_processor%3A1121">cpe:/a:oracle:sparc-opl_service_processor:1121</a>  and all previous versions</li>
                                                                    <li class="vs8 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Asun%3Aglassfish_enterprise_server">cpe:/a:sun:glassfish_enterprise_server</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l78_ab2fb094fc5297ae5636ef6ed0d6051d5a656588"></a>jsr-275-0.9.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    JSR-275 specifies Java packages for the programmatic handling
    of physical quantities and their expression as numbers of units.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Specification License: LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.measure\jsr-275\0.9.3\ab2fb094fc5297ae5636ef6ed0d6051d5a656588\jsr-275-0.9.3.jar<br/>
                            <b>MD5:</b>&nbsp;e7a135baa55ec464055d75e4fd4d6b6f<br/>
                            <b>SHA1:</b>&nbsp;ab2fb094fc5297ae5636ef6ed0d6051d5a656588
                                                                                </p>
                                                <h4 id="header162" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content162" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jsr-275</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.measure</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.9.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jsr-275-0.9.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.9.3</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Measures and Units</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.measure</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.9.3</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JSR-275</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.9.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jsr-275</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JSR-275 specifies Java packages for the programmatic handling of physical quantities and their expression as numbers of units. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.measure</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JSR-275</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://jscience.org
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://kenai.com/projects/jsr-275</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.9.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header163" class="subsectionheader white">Identifiers</h4>
                                                <div id="content163" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ab2fb094fc5297ae5636ef6ed0d6051d5a656588%22" target="_blank">javax.measure:jsr-275:0.9.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l79_5725f57873e05e068803e2bf9d5a8ea3740ffec5"></a>persistence-api-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    The Enterprise JavaBeans architecture is a component architecture for the development and deployment of component-based business applications.
    The purpose of Enterprise JavaBeans (EJB) 3.0 is to improve the EJB architecture by reducing its complexity from the developer's point of view.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Common Development and Distribution License (CDDL) v1.0: http://www.sun.com/cddl/cddl.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.persistence\persistence-api\1.0\5725f57873e05e068803e2bf9d5a8ea3740ffec5\persistence-api-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;aeb56ad8210370d0cd5c0e995eb0d16c<br/>
                            <b>SHA1:</b>&nbsp;5725f57873e05e068803e2bf9d5a8ea3740ffec5
                                                                                </p>
                                                <h4 id="header164" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content164" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>persistence-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.persistence</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>persistence-api-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>persistence</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.persistence</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Sun Microsystems, Inc., Oracle Corp.</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>javax.persistence</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Java Platform, Persistence  Specification</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc., Oracle Corp.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>persistence-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The Enterprise JavaBeans architecture is a component architecture for the development and deployment of component-based business applications. The purpose of Enterprise JavaBeans (EJB) 3.0 is to improve the EJB architecture by reducing its complexity from the developer's point of view. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.persistence</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Enterprise JavaBeans (EJB) 3.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.jcp.org/en/jsr/detail?id=220</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header165" class="subsectionheader white">Identifiers</h4>
                                                <div id="content165" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=javax/persistence/persistence-api/1.0/persistence-api-1.0.jar" target="_blank">javax.persistence:persistence-api:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l80_3795334f4306b194003e16dfba4111a0467a49bd"></a>javax.servlet.jsp-api-2.3.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java.net - The Source for Java Technology Collaboration<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CDDL + GPLv2 with classpath exception: http://glassfish.dev.java.net/nonav/public/CDDL+GPL.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.servlet.jsp\javax.servlet.jsp-api\2.3.0\3795334f4306b194003e16dfba4111a0467a49bd\javax.servlet.jsp-api-2.3.0.jar<br/>
                            <b>MD5:</b>&nbsp;53f58345d415a6150e5945a6875a0ce9<br/>
                            <b>SHA1:</b>&nbsp;3795334f4306b194003e16dfba4111a0467a49bd
                                                                                </p>
                                                <h4 id="header166" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content166" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.servlet.jsp-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.servlet.jsp</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.3.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.servlet.jsp-api-2.3.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.3.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java.net - The Source for Java Technology Collaboration</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://glassfish.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>JavaServer Pages(TM) API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.servlet.jsp-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.servlet.jsp</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.servlet.jsp-api</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.servlet.jsp</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JavaServer Pages(TM) API</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://glassfish.org
    </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>net.java</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.3.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jsp.java.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.3.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header167" class="subsectionheader white">Identifiers</h4>
                                                <div id="content167" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223795334f4306b194003e16dfba4111a0467a49bd%22" target="_blank">javax.servlet.jsp:javax.servlet.jsp-api:2.3.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l81_3cd63d075497751784b2fa84be59432f4905bf7c"></a>javax.servlet-api-3.1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java(TM) Servlet 3.1 API Design Specification<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.servlet\javax.servlet-api\3.1.0\3cd63d075497751784b2fa84be59432f4905bf7c\javax.servlet-api-3.1.0.jar<br/>
                            <b>MD5:</b>&nbsp;79de69e9f5ed8c7fcb8342585732bbf7<br/>
                            <b>SHA1:</b>&nbsp;3cd63d075497751784b2fa84be59432f4905bf7c
                                                                                </p>
                                                <h4 id="header168" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content168" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.servlet-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.servlet</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.servlet-api-3.1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java(TM) Servlet 3.1 API Design Specification</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>https://glassfish.dev.java.net</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Java Servlet API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.servlet-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.servlet</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>GlassFish Community</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.glassfish</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.servlet-api</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.servlet</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java Servlet API</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>https://glassfish.dev.java.net
    </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>net.java</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>3.1.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://servlet-spec.java.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header169" class="subsectionheader white">Identifiers</h4>
                                                <div id="content169" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223cd63d075497751784b2fa84be59432f4905bf7c%22" target="_blank">javax.servlet:javax.servlet-api:3.1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l82_3fc542fe8bb8164e8d3e840fe7403bc0518053c0"></a>servlet-api-2.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.servlet\servlet-api\2.4\3fc542fe8bb8164e8d3e840fe7403bc0518053c0\servlet-api-2.4.jar<br/>
                            <b>MD5:</b>&nbsp;f6cf3fde0b992589ed3d87fa9674015f<br/>
                            <b>SHA1:</b>&nbsp;3fc542fe8bb8164e8d3e840fe7403bc0518053c0
                                                                                </p>
                                                <h4 id="header170" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content170" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>servlet-api</td></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>servletapi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.servlet</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>servletapi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.4</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.4.public_draft</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>servlet-api-2.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.4</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>servlet</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Title</td><td>javax.servlet</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Version</td><td>2.4.public_draft</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Specification-Title</td><td>Java API for Servlets</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>servletapi</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>servletapi</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                            <h4 id="header171" class="subsectionheader white">Identifiers</h4>
                                                <div id="content171" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=javax/servlet/servlet-api/2.4/servlet-api-2.4.jar" target="_blank">javax.servlet:servlet-api:2.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=javax/servlet/servlet-api/2.4.public_draft/servlet-api-2.4.public_draft.jar" target="_blank">javax.servlet:servlet-api:2.4.public_draft</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=servletapi/servlet-api/2.4/servlet-api-2.4.jar" target="_blank">servletapi:servlet-api:2.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=servletapi/servletapi/2.4/servletapi-2.4.jar" target="_blank">servletapi:servletapi:2.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=servletapi/servletapi/2.4.public_draft/servletapi-2.4.public_draft.jar" target="_blank">servletapi:servletapi:2.4.public_draft</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l83_3dd157a4f4fe115ac5d165d6c21463d0ce9e3c7b"></a>jta-1.0.1B.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.transaction\jta\1.0.1B\3dd157a4f4fe115ac5d165d6c21463d0ce9e3c7b\jta-1.0.1B.jar<br/>
                            <b>MD5:</b>&nbsp;c6e3e528816227b97f6b21f709641f8f<br/>
                            <b>SHA1:</b>&nbsp;3dd157a4f4fe115ac5d165d6c21463d0ce9e3c7b
                                                                                </p>
                                                <h4 id="header172" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content172" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>jta-1.0.1B</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1b</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>transaction</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header173" class="subsectionheader white">Identifiers</h4>
                                                <div id="content173" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l84_104e9c2b5583cfcfeac0402316221648d6d8ea6b"></a>javax.ws.rs-api-2.0.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java API for RESTful Web Services (JAX-RS)<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CDDL 1.1: http://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: http://glassfish.java.net/public/CDDL+GPL_1_1.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.ws.rs\javax.ws.rs-api\2.0.1\104e9c2b5583cfcfeac0402316221648d6d8ea6b\javax.ws.rs-api-2.0.1.jar<br/>
                            <b>MD5:</b>&nbsp;edcd111cf4d3ba8ac8e1f326efc37a17<br/>
                            <b>SHA1:</b>&nbsp;104e9c2b5583cfcfeac0402316221648d6d8ea6b
                                                                                </p>
                                                <h4 id="header174" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content174" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.ws.rs-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.ws.rs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.ws.rs-api-2.0.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>08/07/2014 02:08 PM</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java API for RESTful Web Services (JAX-RS)</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.oracle.com/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>javax.ws.rs-api</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.ws.rs-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.ws.rs</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.ws.rs-api</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.ws.rs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>javax.ws.rs-api</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.oracle.com/
    </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>net.java</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.0.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jax-rs-spec.java.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header175" class="subsectionheader white">Identifiers</h4>
                                                <div id="content175" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22104e9c2b5583cfcfeac0402316221648d6d8ea6b%22" target="_blank">javax.ws.rs:javax.ws.rs-api:2.0.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l85_59033da2a1afd56af1ac576750a8d0b1830d59e6"></a>jsr311-api-1.1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">
                CDDL License
            : http://www.opensource.org/licenses/cddl1.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.ws.rs\jsr311-api\1.1.1\59033da2a1afd56af1ac576750a8d0b1830d59e6\jsr311-api-1.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;c9803468299ec255c047a280ddec510f<br/>
                            <b>SHA1:</b>&nbsp;59033da2a1afd56af1ac576750a8d0b1830d59e6
                                                                                </p>
                                                <h4 id="header176" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content176" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jsr311-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.ws.rs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jsr311-api-1.1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>11/09/2009 01:45 PM</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.sun.com/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>jsr311-api</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.ws.rs.jsr311-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.ws.rs</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>JAX-RS: Java API for RESTful Web Services</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-version</td><td>Specification-Version</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jsr311-api</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.ws.rs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>jsr311-api</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.sun.com/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://jsr311.dev.java.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header177" class="subsectionheader white">Identifiers</h4>
                                                <div id="content177" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2259033da2a1afd56af1ac576750a8d0b1830d59e6%22" target="_blank">javax.ws.rs:jsr311-api:1.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l86_0b2dfeed54ac106bcd714ba59c1f52ef9167d56e"></a>jaxb-api-2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.xml.bind\jaxb-api\2.1\b2dfeed54ac106bcd714ba59c1f52ef9167d56e\jaxb-api-2.1.jar<br/>
                            <b>MD5:</b>&nbsp;63f750861245626b7338e2d2e6a33068<br/>
                            <b>SHA1:</b>&nbsp;0b2dfeed54ac106bcd714ba59c1f52ef9167d56e
                                                                                </p>
                                                <h4 id="header178" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content178" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>jaxb-api-2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bind</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.xml.bind</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Java Architecture for XML Binding</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-version</td><td>Specification-Version</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header179" class="subsectionheader white">Identifiers</h4>
                                                <div id="content179" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l87_d6337b0de8b25e53e81b922352fbea9f9f57ba0b"></a>stax-api-1.0-2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    StAX is a standard XML processing API that allows you to stream XML data from and to your application.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">GNU General Public Library: http://www.gnu.org/licenses/gpl.txt
COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: http://www.sun.com/cddl/cddl.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.xml.stream\stax-api\1.0-2\d6337b0de8b25e53e81b922352fbea9f9f57ba0b\stax-api-1.0-2.jar<br/>
                            <b>MD5:</b>&nbsp;7d18b63063580284c3f5734081fdc99f<br/>
                            <b>SHA1:</b>&nbsp;d6337b0de8b25e53e81b922352fbea9f9f57ba0b
                                                                                </p>
                                                <h4 id="header180" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content180" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>stax-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>javax.xml.stream</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0-2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>stax-api-1.0-2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>stream</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>stax-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> StAX is a standard XML processing API that allows you to stream XML data from and to your application. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>javax.xml.stream</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Streaming API for XML</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0-2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header181" class="subsectionheader white">Identifiers</h4>
                                                <div id="content181" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=javax/xml/stream/stax-api/1.0-2/stax-api-1.0-2.jar" target="_blank">javax.xml.stream:stax-api:1.0-2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l88_9312ad67022b4dec8df8689d0b7dbac9cd612525"></a>xmldsig-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\javax.xml\xmldsig\1.0\9312ad67022b4dec8df8689d0b7dbac9cd612525\xmldsig-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;563644fef6e9f3c8c5d78b84b4a5b95a<br/>
                            <b>SHA1:</b>&nbsp;9312ad67022b4dec8df8689d0b7dbac9cd612525
                                                                                </p>
                                                <h4 id="header182" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content182" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmldsig-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>crypto</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dsig</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>javax.xml.crypto.dsig</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JSR 105 Implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Sun Microsystems and IBM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Java(TM) XML Digital Signature API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems and IBM</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header183" class="subsectionheader white">Identifiers</h4>
                                                <div id="content183" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l89_3f8c36d9a0578e8e98f030c662b69888b1430ac0"></a>jaxen-1.1.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jaxen is a universal Java XPath engine.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://jaxen.codehaus.org/license.html">http://jaxen.codehaus.org/license.html</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\jaxen\jaxen\1.1.6\3f8c36d9a0578e8e98f030c662b69888b1430ac0\jaxen-1.1.6.jar<br/>
                            <b>MD5:</b>&nbsp;a140517286b56eea981e188dcc3a13f6<br/>
                            <b>SHA1:</b>&nbsp;3f8c36d9a0578e8e98f030c662b69888b1430ac0
                                                                                </p>
                                                <h4 id="header184" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content184" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jaxen</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>jaxen</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jaxen-1.1.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.6</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jaxen is a universal Java XPath engine.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://codehaus.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>jaxen</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>jaxen</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.6</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jaxen</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jaxen is a universal Java XPath engine.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jaxen</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>jaxen</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://codehaus.org
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jaxen.codehaus.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header185" class="subsectionheader white">Identifiers</h4>
                                                <div id="content185" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223f8c36d9a0578e8e98f030c662b69888b1430ac0%22" target="_blank">jaxen:jaxen:1.1.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l90_a2ac1cd690ab4c80defe7f9bce14d35934c35cec"></a>jdom-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\jdom\jdom\1.0\a2ac1cd690ab4c80defe7f9bce14d35934c35cec\jdom-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;0b8f97de82fc9529b1028a77125ce4f8<br/>
                            <b>SHA1:</b>&nbsp;a2ac1cd690ab4c80defe7f9bce14d35934c35cec
                                                                                </p>
                                                <h4 id="header186" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content186" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jdom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>com.sun.phobos</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>jdom</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jdom-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jdom</td></tr>
                                                                    <tr><td>manifest: org/jdom/</td><td>Implementation-Title</td><td>org.jdom</td></tr>
                                                                    <tr><td>manifest: org/jdom/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/</td><td>Specification-Title</td><td>JDOM Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom/adapters/</td><td>Implementation-Title</td><td>org.jdom.adapters</td></tr>
                                                                    <tr><td>manifest: org/jdom/adapters/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/adapters/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/adapters/</td><td>Specification-Title</td><td>JDOM Adapter Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom/filter/</td><td>Implementation-Title</td><td>org.jdom.filter</td></tr>
                                                                    <tr><td>manifest: org/jdom/filter/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/filter/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/filter/</td><td>Specification-Title</td><td>JDOM Filter Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom/input/</td><td>Implementation-Title</td><td>org.jdom.input</td></tr>
                                                                    <tr><td>manifest: org/jdom/input/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/input/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/input/</td><td>Specification-Title</td><td>JDOM Input Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom/output/</td><td>Implementation-Title</td><td>org.jdom.output</td></tr>
                                                                    <tr><td>manifest: org/jdom/output/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/output/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/output/</td><td>Specification-Title</td><td>JDOM Output Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom/transform/</td><td>Implementation-Title</td><td>org.jdom.transform</td></tr>
                                                                    <tr><td>manifest: org/jdom/transform/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/transform/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/transform/</td><td>Specification-Title</td><td>JDOM Transformation Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom/xpath/</td><td>Implementation-Title</td><td>org.jdom.xpath</td></tr>
                                                                    <tr><td>manifest: org/jdom/xpath/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom/xpath/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/jdom/xpath/</td><td>Specification-Title</td><td>JDOM XPath Classes</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jdom</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>sun.phobos</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JDOM library</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.jdom.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                <h4 id="header187" class="subsectionheader white">Identifiers</h4>
                                                <div id="content187" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=com/sun/phobos/jdom/1.0/jdom-1.0.jar" target="_blank">com.sun.phobos:jdom:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=jdom/jdom/1.0/jdom-1.0.jar" target="_blank">jdom:jdom:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l91_a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d"></a>joda-time-2.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Date and time library to replace JDK date handling<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\joda-time\joda-time\2.2\a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d\joda-time-2.2.jar<br/>
                            <b>MD5:</b>&nbsp;226f5207543c490f10f234e82108b998<br/>
                            <b>SHA1:</b>&nbsp;a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d
                                                                                </p>
                                                <h4 id="header188" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content188" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>joda-time</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>joda-time</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>joda-time-2.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://joda-time.sourceforge.net/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Joda-Time</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>joda-time</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.2</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>joda-time</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.joda.time</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Joda.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.joda</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Joda-Time</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Joda.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>joda-time</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Date and time library to replace JDK date handling</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>joda-time</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Joda time</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.joda.org
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://joda-time.sourceforge.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header189" class="subsectionheader white">Identifiers</h4>
                                                <div id="content189" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d%22" target="_blank">joda-time:joda-time:2.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l92_64417b3bafdecd366afa514bd5beeae6c1f85ece"></a>junit-dep-4.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        JUnit is a regression testing framework written by Erich Gamma and Kent Beck.
        It is used by the developer who implements unit tests in Java.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Common Public License Version 1.0: http://www.opensource.org/licenses/cpl1.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\junit\junit-dep\4.10\64417b3bafdecd366afa514bd5beeae6c1f85ece\junit-dep-4.10.jar<br/>
                            <b>MD5:</b>&nbsp;842f5d05ce8160b43ae47fce1746869e<br/>
                            <b>SHA1:</b>&nbsp;64417b3bafdecd366afa514bd5beeae6c1f85ece
                                                                                </p>
                                                <h4 id="header190" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content190" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>junit-dep</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>junit</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>junit-dep-4.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.10</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>junit-dep</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JUnit</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.junit.org
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://junit.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header191" class="subsectionheader white">Identifiers</h4>
                                                <div id="content191" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=junit/junit-dep/4.10/junit-dep-4.10.jar" target="_blank">junit:junit-dep:4.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l93_07e4cde26b53a9a0e3fe5b00d1dbbc7cc1d46060"></a>junit-3.8.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Common Public License Version 1.0: http://www.opensource.org/licenses/cpl1.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\junit\junit\3.8.2\7e4cde26b53a9a0e3fe5b00d1dbbc7cc1d46060\junit-3.8.2.jar<br/>
                            <b>MD5:</b>&nbsp;28e7eb9eeefe31a657c68755bfccc541<br/>
                            <b>SHA1:</b>&nbsp;07e4cde26b53a9a0e3fe5b00d1dbbc7cc1d46060
                                                                                </p>
                                                <h4 id="header192" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content192" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>junit</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>junit</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.8.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>junit-3.8.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.8.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JUnit</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.junit.org
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://junit.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.8.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header193" class="subsectionheader white">Identifiers</h4>
                                                <div id="content193" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=junit/junit/3.8.2/junit-3.8.2.jar" target="_blank">junit:junit:3.8.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l94_2973d150c0dc1fefe998f834810d68f278ea58ec"></a>junit-4.12.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\junit\junit\4.12\2973d150c0dc1fefe998f834810d68f278ea58ec\junit-4.12.jar<br/>
                            <b>MD5:</b>&nbsp;5b38c40c97fbd0adee29f91e60405584<br/>
                            <b>SHA1:</b>&nbsp;2973d150c0dc1fefe998f834810d68f278ea58ec
                                                                                </p>
                                                <h4 id="header194" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content194" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>junit</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>junit</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.12</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>junit-4.12</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.12</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>junit</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JUnit</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>JUnit</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>junit</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.12</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>junit</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JUnit</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.junit.org
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://junit.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.12</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header195" class="subsectionheader white">Identifiers</h4>
                                                <div id="content195" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=junit/junit/4.12/junit-4.12.jar" target="_blank">junit:junit:4.12</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l95_5af35056b4d257e4b64b9e8069c0746e8b08629f"></a>log4j-1.2.17.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Log4j 1.2<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\log4j\log4j\1.2.17\5af35056b4d257e4b64b9e8069c0746e8b08629f\log4j-1.2.17.jar<br/>
                            <b>MD5:</b>&nbsp;04a41f0a068986f0f73485cf507c0f40<br/>
                            <b>SHA1:</b>&nbsp;5af35056b4d257e4b64b9e8069c0746e8b08629f
                                                                                </p>
                                                <h4 id="header196" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content196" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>log4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.17</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>log4j-1.2.17</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.17</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Log4j 1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://logging.apache.org/log4j/1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>log4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.17</td></tr>
                                                                    <tr><td>manifest: org.apache.log4j</td><td>Implementation-Title</td><td>log4j</td></tr>
                                                                    <tr><td>manifest: org.apache.log4j</td><td>Implementation-Vendor</td><td>&quot;Apache Software Foundation&quot;</td></tr>
                                                                    <tr><td>manifest: org.apache.log4j</td><td>Implementation-Version</td><td>1.2.17</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Log4j 1.2</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Log4j</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://logging.apache.org/log4j/1.2/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header197" class="subsectionheader white">Identifiers</h4>
                                                <div id="content197" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%225af35056b4d257e4b64b9e8069c0746e8b08629f%22" target="_blank">log4j:log4j:1.2.17</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l96_cc4aa02f5cc8773876aad173517d20438b1b60ea"></a>ical4j-1.0-rc3-atlassian-11.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
		A Java library for reading and writing iCalendar (*.ics) files
	<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">iCal4j - License: LICENSE</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.fortuna.ical4j\ical4j\1.0-rc3-atlassian-11\cc4aa02f5cc8773876aad173517d20438b1b60ea\ical4j-1.0-rc3-atlassian-11.jar<br/>
                            <b>MD5:</b>&nbsp;62338bf588ceb0a7404746cd751f5db9<br/>
                            <b>SHA1:</b>&nbsp;cc4aa02f5cc8773876aad173517d20438b1b60ea
                                                                                </p>
                                                <h4 id="header198" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content198" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>ical4j-1.0-rc3-atlassian-11</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.rc3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>A Java library for reading and writing iCalendar (*.ics) files</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>iCal4j</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>net.fortuna.ical4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.rc3-atlassian-11</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.4))&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ical4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
		A Java library for reading and writing iCalendar (*.ics) files
	</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.fortuna.ical4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>iCal4j</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ical4j.sourceforge.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0-rc3-atlassian-11</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header199" class="subsectionheader white">Identifiers</h4>
                                                <div id="content199" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l97_1c12d070e602efd8021891cdd7fd18bc129372d4"></a>jna-4.1.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Java Native Access<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.java.dev.jna\jna\4.1.0\1c12d070e602efd8021891cdd7fd18bc129372d4\jna-4.1.0.jar<br/>
                            <b>MD5:</b>&nbsp;b0e08c9936dc52aa40439c71fcad6297<br/>
                            <b>SHA1:</b>&nbsp;1c12d070e602efd8021891cdd7fd18bc129372d4
                                                                                </p>
                                                <h4 id="header200" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content200" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jna</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.java.dev.jna</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jna-4.1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jna</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sun</td></tr>
                                                                    <tr><td>jar (hint)</td><td>package name</td><td>oracle</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>JNA Library</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>jna</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-nativecode</td><td> com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince,  com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos,  com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix,  com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux,  com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd,  com/sun/jna/darwin/libjnidispatch.jnilib; osname=macosx;processor=x86;processor=x86-64;processor=ppc </td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.sun.jna</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>4.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>com.sun.jna</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>JNA Development Team</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.1.0 (b4)</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Java Native Access (JNA)</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>JNA Development Team</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jna</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java Native Access</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.java.dev.jna</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java Native Access</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/twall/jna</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header201" class="subsectionheader white">Identifiers</h4>
                                                <div id="content201" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:sun:linux:4.1.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jna-4.1.0.jar', '1c12d070e602efd8021891cdd7fd18bc129372d4', 'cpe', 'cpe:/a:sun:linux:4.1.0')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:sun:sunos:4.1.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jna-4.1.0.jar', '1c12d070e602efd8021891cdd7fd18bc129372d4', 'cpe', 'cpe:/a:sun:sunos:4.1.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/java/dev/jna/jna/4.1.0/jna-4.1.0.jar" target="_blank">net.java.dev.jna:jna:4.1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header202" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content202" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0217">CVE-2012-0217</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('jna-4.1.0.jar', '1c12d070e602efd8021891cdd7fd18bc129372d4', 'cve', 'CVE-2012-0217')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
                                                                    <ul>
                                                                            <li>CERT - <a target="_blank" href="http://www.us-cert.gov/cas/techalerts/TA12-164A.html">TA12-164A</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/649219">VU#649219</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/">http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/">http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://smartos.org/2012/06/15/smartos-news-3/">http://smartos.org/2012/06/15/smartos-news-3/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.citrix.com/article/CTX133161">http://support.citrix.com/article/CTX133161</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012">http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html">http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=813428">https://bugzilla.redhat.com/show_bug.cgi?id=813428</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://www.illumos.org/issues/2873">https://www.illumos.org/issues/2873</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2501">DSA-2501</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2508">DSA-2508</a></li>
                                                                            <li>FREEBSD - <a target="_blank" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc">FreeBSD-SA-12:04</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201309-24.xml">GLSA-201309-24</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2013:150">MDVSA-2013:150</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html">[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html">[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217</a></li>
                                                                            <li>MS - <a target="_blank" href="http://technet.microsoft.com/security/bulletin/MS12-042">MS12-042</a></li>
                                                                            <li>NETBSD - <a target="_blank" href="http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc">NetBSD-SA2012-003</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs9', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs9"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Asun%3Asunos%3A5.11">cpe:/a:sun:sunos:5.11</a>  and all previous versions</li>
                                    <li class="vs9">...</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acitrix%3Axenserver%3A6.0">cpe:/a:citrix:xenserver:6.0</a> </li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Acitrix%3Axenserver%3A6.0.2">cpe:/a:citrix:xenserver:6.0.2</a>  and all previous versions</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afreebsd%3Afreebsd%3A9.0">cpe:/a:freebsd:freebsd:9.0</a>  and all previous versions</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aillumos%3Aillumos%3Ar13723">cpe:/a:illumos:illumos:r13723</a>  and all previous versions</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ajoyent%3Asmartos%3A20120614">cpe:/a:joyent:smartos:20120614</a>  and all previous versions</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Anetbsd%3Anetbsd%3A6.0%3Abeta">cpe:/a:netbsd:netbsd:6.0:beta</a>  and all previous versions</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Asun%3Asunos%3A5.11">cpe:/a:sun:sunos:5.11</a>  and all previous versions</li>
                                                                    <li class="vs9 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Axen%3Axen%3A4.1.2">cpe:/a:xen:xen:4.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l98_67167f2b2fce8db5f9f64a372b0da54730d3ee51"></a>jna-4.1.0.jar: jnidispatch.dll</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.java.dev.jna\jna\4.1.0\1c12d070e602efd8021891cdd7fd18bc129372d4\jna-4.1.0.jar\com\sun\jna\w32ce-arm\jnidispatch.dll<br/>
                            <b>MD5:</b>&nbsp;57697cbdd321ae7d06f5da04e821f908<br/>
                            <b>SHA1:</b>&nbsp;67167f2b2fce8db5f9f64a372b0da54730d3ee51
                                                                                </p>
                                                <h4 id="header203" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content203" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>jnidispatch</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header204" class="subsectionheader white">Identifiers</h4>
                                                <div id="content204" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l99_bd1bdda9a91f3b0d9067e323f7394bef933f81f6"></a>jna-4.1.0.jar: jnidispatch.dll</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.java.dev.jna\jna\4.1.0\1c12d070e602efd8021891cdd7fd18bc129372d4\jna-4.1.0.jar\com\sun\jna\win32-x86-64\jnidispatch.dll<br/>
                            <b>MD5:</b>&nbsp;06b2f1f909d2436dff20d7a668ef26a9<br/>
                            <b>SHA1:</b>&nbsp;bd1bdda9a91f3b0d9067e323f7394bef933f81f6
                                                                                </p>
                                                <h4 id="header205" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content205" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>jnidispatch</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header206" class="subsectionheader white">Identifiers</h4>
                                                <div id="content206" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l100_8b32cc82740fc62afdf5ea211f1ca8bb72269bbf"></a>jna-4.1.0.jar: jnidispatch.dll</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.java.dev.jna\jna\4.1.0\1c12d070e602efd8021891cdd7fd18bc129372d4\jna-4.1.0.jar\com\sun\jna\win32-x86\jnidispatch.dll<br/>
                            <b>MD5:</b>&nbsp;05a72ada9247aeb114a9ef01a394b6c4<br/>
                            <b>SHA1:</b>&nbsp;8b32cc82740fc62afdf5ea211f1ca8bb72269bbf
                                                                                </p>
                                                <h4 id="header207" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content207" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>jnidispatch</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header208" class="subsectionheader white">Identifiers</h4>
                                                <div id="content208" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l101_afba4942caaeaf46aab0b976afd57cc7c181467e"></a>jcip-annotations-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.jcip\jcip-annotations\1.0\afba4942caaeaf46aab0b976afd57cc7c181467e\jcip-annotations-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;9d5272954896c5a5d234f66b7372b17a<br/>
                            <b>SHA1:</b>&nbsp;afba4942caaeaf46aab0b976afd57cc7c181467e
                                                                                </p>
                                                <h4 id="header209" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content209" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jcip-annotations</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.jcip</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jcip-annotations-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>annotations</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jcip</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>net</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jcip-annotations</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.jcip</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>&quot;Java Concurrency in Practice&quot; book annotations</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jcip.net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header210" class="subsectionheader white">Identifiers</h4>
                                                <div id="content210" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/jcip/jcip-annotations/1.0/jcip-annotations-1.0.jar" target="_blank">net.jcip:jcip-annotations:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l102_38749ed6e6412628c45d5ba344a0ab796e6807f9"></a>barcode4j-fop-ext-2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Barcode4J is a flexible generator for barcodes written in Java.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sf.barcode4j\barcode4j-fop-ext\2.1\38749ed6e6412628c45d5ba344a0ab796e6807f9\barcode4j-fop-ext-2.1.jar<br/>
                            <b>MD5:</b>&nbsp;c78625e84ca0fd2853cf327505d99396<br/>
                            <b>SHA1:</b>&nbsp;38749ed6e6412628c45d5ba344a0ab796e6807f9
                                                                                </p>
                                                <h4 id="header211" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content211" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>barcode4j-fop-ext</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sf.barcode4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>barcode4j-fop-ext-2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>barcode4j</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>image</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>krysalis</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>loader</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150211-075131-CET</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Barcode4J Library</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://barcode4j.sourceforge.net</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Barcode4J Project</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.1.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>barcode4j-fop-ext</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Barcode4J is a flexible generator for barcodes written in Java.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sf.barcode4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Barcode4J extensions for Apache FOP 0.93 and later</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://barcode4j.sourceforge.net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header212" class="subsectionheader white">Identifiers</h4>
                                                <div id="content212" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/sf/barcode4j/barcode4j-fop-ext/2.1/barcode4j-fop-ext-2.1.jar" target="_blank">net.sf.barcode4j:barcode4j-fop-ext:2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l103_4b38b2219c0d522fcea8238493f2ea3e238ef529"></a>barcode4j-2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Barcode4J is a flexible generator for barcodes written in Java.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sf.barcode4j\barcode4j\2.1\4b38b2219c0d522fcea8238493f2ea3e238ef529\barcode4j-2.1.jar<br/>
                            <b>MD5:</b>&nbsp;4fc30cdb7b1abaf1ce08f26b0666e351<br/>
                            <b>SHA1:</b>&nbsp;4b38b2219c0d522fcea8238493f2ea3e238ef529
                                                                                </p>
                                                <h4 id="header213" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content213" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>barcode4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sf.barcode4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>barcode4j-2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>barcode4j</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>impl</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>krysalis</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20101214-171903-CET</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://barcode4j.sourceforge.net</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Barcode4J</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.krysalis.barcode4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Barcode4J Library</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://barcode4j.sourceforge.net</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Barcode4J Project</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.1.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>barcode4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Barcode4J is a flexible generator for barcodes written in Java.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sf.barcode4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Barcode4J</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://barcode4j.sourceforge.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header214" class="subsectionheader white">Identifiers</h4>
                                                <div id="content214" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/sf/barcode4j/barcode4j/2.1/barcode4j-2.1.jar" target="_blank">net.sf.barcode4j:barcode4j:2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l104_3baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86"></a>ehcache-core-2.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;This is the ehcache core module. Pair it with other modules for added functionality.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: src/assemble/EHCACHE-CORE-LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sf.ehcache\ehcache-core\2.6.2\3baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86\ehcache-core-2.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;b6abecd2c01070700a9001b33b94b3f4<br/>
                            <b>SHA1:</b>&nbsp;3baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86
                                                                                </p>
                                                <h4 id="header215" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content215" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ehcache-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sf.ehcache</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ehcache-core-2.6.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ehcache-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>This is the ehcache core module. Pair it with other modules for added functionality.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sf.ehcache</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Ehcache Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ehcache-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.6.2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ehcache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header216" class="subsectionheader white">Identifiers</h4>
                                                <div id="content216" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86%22" target="_blank">net.sf.ehcache:ehcache-core:2.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l105_e86399a80ae6a6c7a563717eaa0ce9ba4708571c"></a>ehcache-core-2.6.2.jar: sizeof-agent.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sf.ehcache\ehcache-core\2.6.2\3baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86\ehcache-core-2.6.2.jar\net\sf\ehcache\pool\sizeof\sizeof-agent.jar<br/>
                            <b>MD5:</b>&nbsp;5ad919b3ac0516897bdca079c9a222a8<br/>
                            <b>SHA1:</b>&nbsp;e86399a80ae6a6c7a563717eaa0ce9ba4708571c
                                                                                </p>
                                                <h4 id="header217" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content217" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>sizeof-agent</td></tr>
                                                                    <tr><td>Manifest</td><td>hudson-build-number</td><td>6</td></tr>
                                                                    <tr><td>Manifest</td><td>hudson-project</td><td>sizeof-agent_sizeof-agent-1.0.1_publisher</td></tr>
                                                                    <tr><td>Manifest</td><td>hudson-version</td><td>1.449</td></tr>
                                                                    <tr><td>Manifest</td><td>jenkins-build-number</td><td>6</td></tr>
                                                                    <tr><td>Manifest</td><td>jenkins-project</td><td>sizeof-agent_sizeof-agent-1.0.1_publisher</td></tr>
                                                                    <tr><td>Manifest</td><td>jenkins-version</td><td>1.449</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>sizeof-agent</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sf.ehcache</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Ehcache Size-Of Agent</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ehcache-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.0.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.ehcache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header218" class="subsectionheader white">Identifiers</h4>
                                                <div id="content218" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;net.sf.ehcache:sizeof-agent:1.0.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l106_461752b4e3d73a5815737df243782ac70112b489"></a>ehcache-1.2.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

ehcache is a pure Java, in-process cache with the following features:

   1. Fast.
   2. Simple.
   3. Multiple eviction policies: LRU, LFU and FIFO.
   4. Caches can be in memory or on disk.
   5. Disk Stores can be persistent between VM restarts.
   6. Distributed caching using multicast and RMI, with a pluggable API.
   7. Cache and CacheManager listeners
   8. Supports multiple Caches per CacheManager, and multiple CacheManagers per application.
   9. Acts as a pluggable cache for Hibernate 3.1, 3 and 2.1.
   10. Small foot print. Both in terms of size and memory requirements.
   11. Minimal dependencies apart from J2SE.
   12. Fully documented. See the online Documentation and the online JavaDoc.
   13. Comprehensive Test Coverage. See the clover test report.
   14. Available under the Apache 1.1 license. EHCache's copyright and licensing has been reviewed and approved by the Apache Software Foundation, making EHCache suitable for use in Apache projects.
   15. Production tested. EHCache is used on a large and very busy eCommerce site.
   16. Web caching, pull-through caches and other common caching implementations are provided in the ehcache-constructs module.

    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://ehcache.sourceforge.net/LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sf.ehcache\ehcache\1.2.3\461752b4e3d73a5815737df243782ac70112b489\ehcache-1.2.3.jar<br/>
                            <b>MD5:</b>&nbsp;e26a78a6249bb308dc13c2c5a7980567<br/>
                            <b>SHA1:</b>&nbsp;461752b4e3d73a5815737df243782ac70112b489
                                                                                </p>
                                                <h4 id="header219" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content219" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ehcache</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sf.ehcache</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ehcache-1.2.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ehcache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>net</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sf</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ehcache</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> ehcache is a pure Java, in-process cache with the following features: 1. Fast. 2. Simple. 3. Multiple eviction policies: LRU, LFU and FIFO. 4. Caches can be in memory or on disk. 5. Disk Stores can be persistent between VM restarts. 6. Distributed caching using multicast and RMI, with a pluggable API. 7. Cache and CacheManager listeners 8. Supports multiple Caches per CacheManager, and multiple CacheManagers per application. 9. Acts as a pluggable cache for Hibernate 3.1, 3 and 2.1. 10. Small foot print. Both in terms of size and memory requirements. 11. Minimal dependencies apart from J2SE. 12. Fully documented. See the online Documentation and the online JavaDoc. 13. Comprehensive Test Coverage. See the clover test report. 14. Available under the Apache 1.1 license. EHCache's copyright and licensing has been reviewed and approved by the Apache Software Foundation, making EHCache suitable for use in Apache projects. 15. Production tested. EHCache is used on a large and very busy eCommerce site. 16. Web caching, pull-through caches and other common caching implementations are provided in the ehcache-constructs module. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sf.ehcache</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ehcache</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ehcache.sf.net</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header220" class="subsectionheader white">Identifiers</h4>
                                                <div id="content220" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/sf/ehcache/ehcache/1.2.3/ehcache-1.2.3.jar" target="_blank">net.sf.ehcache:ehcache:1.2.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l107_7108e5b6a8875fe0488d942238575407c7ab8649"></a>jwnl-1.3.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
  	JWNL is an API for accessing WordNet-style relational dictionaries. It also provides
  	functionality beyond data access, such as relationship discovery and morphological
  	processing.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">BSD 3-Clause License: http://jwordnet.svn.sourceforge.net/svnroot/jwordnet/trunk/jwnl/license.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sf.jwordnet\jwnl\1.3.3\7108e5b6a8875fe0488d942238575407c7ab8649\jwnl-1.3.3.jar<br/>
                            <b>MD5:</b>&nbsp;5332f834387eddf0206a48ba65b1e792<br/>
                            <b>SHA1:</b>&nbsp;7108e5b6a8875fe0488d942238575407c7ab8649
                                                                                </p>
                                                <h4 id="header221" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content221" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jwnl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sf.jwordnet</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jwnl-1.3.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>didion</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jwnl</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>net</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jwnl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JWNL is an API for accessing WordNet-style relational dictionaries. It also provides functionality beyond data access, ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sf.jwordnet</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java WordNet Library</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jwordnet.sourceforge.net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header222" class="subsectionheader white">Identifiers</h4>
                                                <div id="content222" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:wordnet:wordnet:1.3.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jwnl-1.3.3.jar', '7108e5b6a8875fe0488d942238575407c7ab8649', 'cpe', 'cpe:/a:wordnet:wordnet:1.3.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/sf/jwordnet/jwnl/1.3.3/jwnl-1.3.3.jar" target="_blank">net.sf.jwordnet:jwnl:1.3.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l108_df72993ea17d34c3bacd983558d2970a866abaf6"></a>jmatio-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        Matlab's MAT-file I/O API in JAVA. Supports Matlab 5 MAT-flie format reading and writing. Written in pure JAVA.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">BSD: http://www.linfo.org/bsdlicense.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sourceforge.jmatio\jmatio\1.0\df72993ea17d34c3bacd983558d2970a866abaf6\jmatio-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;43be2be98c772ac63fb9d7c958fed6ca<br/>
                            <b>SHA1:</b>&nbsp;df72993ea17d34c3bacd983558d2970a866abaf6
                                                                                </p>
                                                <h4 id="header223" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content223" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jmatio</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sourceforge.jmatio</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jmatio-1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jmatio</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>types</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jmatio</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Matlab's MAT-file I/O API in JAVA. Supports Matlab 5 MAT-flie format reading and writing. Written in pure JAVA. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sourceforge.jmatio</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>jmatio</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://sourceforge.net/projects/jmatio/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header224" class="subsectionheader white">Identifiers</h4>
                                                <div id="content224" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22df72993ea17d34c3bacd983558d2970a866abaf6%22" target="_blank">net.sourceforge.jmatio:jmatio:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l109_6b58cfa01218d900a5c5996b82b52cffab981c0a"></a>nekohtml-1.9.12.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\net.sourceforge.nekohtml\nekohtml\1.9.12\6b58cfa01218d900a5c5996b82b52cffab981c0a\nekohtml-1.9.12.jar<br/>
                            <b>MD5:</b>&nbsp;0e5bd4ce84fab674dbc0c95c4bd193d0<br/>
                            <b>SHA1:</b>&nbsp;6b58cfa01218d900a5c5996b82b52cffab981c0a
                                                                                </p>
                                                <h4 id="header225" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content225" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>nekohtml</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>net.sourceforge.nekohtml</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.12</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>nekohtml-1.9.12</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.12</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>cyberneko</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>html</td></tr>
                                                                    <tr><td>manifest: org/cyberneko/html/</td><td>Implementation-Title</td><td>CyberNeko HTML Parser</td></tr>
                                                                    <tr><td>manifest: org/cyberneko/html/</td><td>Implementation-Vendor</td><td>Andy Clark</td></tr>
                                                                    <tr><td>manifest: org/cyberneko/html/</td><td>Implementation-Version</td><td>1.9.12</td></tr>
                                                                    <tr><td>manifest: org/cyberneko/html/</td><td>Specification-Title</td><td>Hyper-Text Markup Language (HTML)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>nekohtml</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>net.sourceforge.nekohtml</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Neko HTML</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://nekohtml.sourceforge.net/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.12</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header226" class="subsectionheader white">Identifiers</h4>
                                                <div id="content226" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=net/sourceforge/nekohtml/nekohtml/1.9.12/nekohtml-1.9.12.jar" target="_blank">net.sourceforge.nekohtml:nekohtml:1.9.12</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l110_fad9692184899994e977b647998f9fa4a9cfec35"></a>ognl-2.6.9.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;OGNL stands for Object-Graph Navigation Language; it is an expression language for getting and setting properties of Java objects.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">BSD License: http://www.opensource.org/licenses/bsd-license.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\ognl\ognl\2.6.9\fad9692184899994e977b647998f9fa4a9cfec35\ognl-2.6.9.jar<br/>
                            <b>MD5:</b>&nbsp;fb4d30eab3ed221ada77479685d608c2<br/>
                            <b>SHA1:</b>&nbsp;fad9692184899994e977b647998f9fa4a9cfec35
                                                                                </p>
                                                <h4 id="header227" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content227" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ognl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>ognl</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.9</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ognl-2.6.9</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.9</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ognl</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>OGNL</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.9</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ognl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>OGNL stands for Object-Graph Navigation Language; it is an expression language for getting and setting properties of Java objects.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>ognl</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>OGNL</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.ognl.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.9</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header228" class="subsectionheader white">Identifiers</h4>
                                                <div id="content228" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=ognl/ognl/2.6.9/ognl-2.6.9.jar" target="_blank">ognl:ognl:2.6.9</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l111_66144204f9d6d7d3f3f775622c2dd7e9bd511d97"></a>antlr4-runtime-4.5.1-1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The ANTLR 4 Runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.antlr.org/license.html">http://www.antlr.org/license.html</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.antlr\antlr4-runtime\4.5.1-1\66144204f9d6d7d3f3f775622c2dd7e9bd511d97\antlr4-runtime-4.5.1-1.jar<br/>
                            <b>MD5:</b>&nbsp;c57e3c5fd251603e1d815ec1d6fde69b<br/>
                            <b>SHA1:</b>&nbsp;66144204f9d6d7d3f3f775622c2dd7e9bd511d97
                                                                                </p>
                                                <h4 id="header229" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content229" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>antlr4-runtime</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.antlr</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.1-1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>antlr4-runtime-4.5.1-1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The ANTLR 4 Runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.antlr.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ANTLR 4 Runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.antlr.antlr4-runtime-osgi</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>4.5.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>ANTLR 4 Runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>ANTLR</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.antlr</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.5.1-1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>antlr4-runtime</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The ANTLR 4 Runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>antlr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ANTLR 4 Runtime</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>antlr4-master</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.antlr</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.1-1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header230" class="subsectionheader white">Identifiers</h4>
                                                <div id="content230" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2266144204f9d6d7d3f3f775622c2dd7e9bd511d97%22" target="_blank">org.antlr:antlr4-runtime:4.5.1-1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l112_cc83eb94ddcef9c12d5ede5feac3f31a3d320e82"></a>ant-junit-1.9.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;contains the junit and junirreport tasks<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ant\ant-junit\1.9.0\cc83eb94ddcef9c12d5ede5feac3f31a3d320e82\ant-junit-1.9.0.jar<br/>
                            <b>MD5:</b>&nbsp;99a7567e995ab2591d0cd7c3349f02e2<br/>
                            <b>SHA1:</b>&nbsp;cc83eb94ddcef9c12d5ede5feac3f31a3d320e82
                                                                                </p>
                                                <h4 id="header231" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content231" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ant-junit</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ant-junit-1.9.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>taskdefs</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tools</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Implementation-Title</td><td>org.apache.tools.ant</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Implementation-Version</td><td>1.9.0</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Specification-Title</td><td>Apache Ant</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ant-junit</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>contains the junit and junirreport tasks</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Ant + JUnit</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ant-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ant.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header232" class="subsectionheader white">Identifiers</h4>
                                                <div id="content232" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-junit/1.9.0/ant-junit-1.9.0.jar" target="_blank">org.apache.ant:ant-junit:1.9.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l113_12629dc0fe3bc89199f83c1cbf7f844f2d0801de"></a>ant-junit-1.9.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;contains the junit and junirreport tasks<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ant\ant-junit\1.9.7\12629dc0fe3bc89199f83c1cbf7f844f2d0801de\ant-junit-1.9.7.jar<br/>
                            <b>MD5:</b>&nbsp;d2aea68c381c3f5ba9267d6e487283b2<br/>
                            <b>SHA1:</b>&nbsp;12629dc0fe3bc89199f83c1cbf7f844f2d0801de
                                                                                </p>
                                                <h4 id="header233" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content233" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ant-junit</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ant-junit-1.9.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.7</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>taskdefs</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tools</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Implementation-Title</td><td>org.apache.tools.ant</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Implementation-Version</td><td>1.9.7</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/taskdefs/optional/</td><td>Specification-Title</td><td>Apache Ant</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ant-junit</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>contains the junit and junirreport tasks</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Ant + JUnit</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ant-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ant.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header234" class="subsectionheader white">Identifiers</h4>
                                                <div id="content234" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-junit/1.9.7/ant-junit-1.9.7.jar" target="_blank">org.apache.ant:ant-junit:1.9.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l114_a76484a4e3a893dd0ee018afef34f74df8e4ef6c"></a>ant-launcher-1.9.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ant\ant-launcher\1.9.0\a76484a4e3a893dd0ee018afef34f74df8e4ef6c\ant-launcher-1.9.0.jar<br/>
                            <b>MD5:</b>&nbsp;aa065e042ee374e7d97bcaf814cdcb8c<br/>
                            <b>SHA1:</b>&nbsp;a76484a4e3a893dd0ee018afef34f74df8e4ef6c
                                                                                </p>
                                                <h4 id="header235" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content235" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ant-launcher</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ant-launcher-1.9.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>launch</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tools</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ant-launcher</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Ant Launcher</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ant-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ant.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header236" class="subsectionheader white">Identifiers</h4>
                                                <div id="content236" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-launcher/1.9.0/ant-launcher-1.9.0.jar" target="_blank">org.apache.ant:ant-launcher:1.9.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l115_224857a490283e72da13ffe3082dea62c558ec76"></a>ant-launcher-1.9.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ant\ant-launcher\1.9.7\224857a490283e72da13ffe3082dea62c558ec76\ant-launcher-1.9.7.jar<br/>
                            <b>MD5:</b>&nbsp;f099489fbe6cc9665cb690b4b03cf48c<br/>
                            <b>SHA1:</b>&nbsp;224857a490283e72da13ffe3082dea62c558ec76
                                                                                </p>
                                                <h4 id="header237" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content237" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ant-launcher</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ant-launcher-1.9.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.7</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>launch</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tools</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ant-launcher</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Ant Launcher</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ant-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ant.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header238" class="subsectionheader white">Identifiers</h4>
                                                <div id="content238" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant-launcher/1.9.7/ant-launcher-1.9.7.jar" target="_blank">org.apache.ant:ant-launcher:1.9.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l116_d667bc2c030a338720bfcf794d2189ea5c663b9e"></a>ant-1.9.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ant\ant\1.9.0\d667bc2c030a338720bfcf794d2189ea5c663b9e\ant-1.9.0.jar<br/>
                            <b>MD5:</b>&nbsp;f95c303d8ebed1503e22571f9214acab<br/>
                            <b>SHA1:</b>&nbsp;d667bc2c030a338720bfcf794d2189ea5c663b9e
                                                                                </p>
                                                <h4 id="header239" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content239" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ant</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ant-1.9.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tools</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Implementation-Title</td><td>org.apache.tools.ant</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Implementation-Version</td><td>1.9.0</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Specification-Title</td><td>Apache Ant</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ant</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Ant Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ant-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ant.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header240" class="subsectionheader white">Identifiers</h4>
                                                <div id="content240" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant/1.9.0/ant-1.9.0.jar" target="_blank">org.apache.ant:ant:1.9.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l117_3b2a10512ee6537d3852c9b693a0284dcab5de68"></a>ant-1.9.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ant\ant\1.9.7\3b2a10512ee6537d3852c9b693a0284dcab5de68\ant-1.9.7.jar<br/>
                            <b>MD5:</b>&nbsp;a14502c25ee6bc76c4614315845b29e9<br/>
                            <b>SHA1:</b>&nbsp;3b2a10512ee6537d3852c9b693a0284dcab5de68
                                                                                </p>
                                                <h4 id="header241" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content241" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ant</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.9.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ant-1.9.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.9.7</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tools</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Implementation-Title</td><td>org.apache.tools.ant</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Implementation-Version</td><td>1.9.7</td></tr>
                                                                    <tr><td>manifest: org/apache/tools/ant/</td><td>Specification-Title</td><td>Apache Ant</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ant</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Ant Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>ant-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ant</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ant.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.9.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header242" class="subsectionheader white">Identifiers</h4>
                                                <div id="content242" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ant/ant/1.9.7/ant-1.9.7.jar" target="_blank">org.apache.ant:ant:1.9.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l118_2dacadeb49bc14420990b1f28897d46f96e2181d"></a>avalon-framework-api-4.3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Avalon Framework API<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.avalon.framework\avalon-framework-api\4.3.1\2dacadeb49bc14420990b1f28897d46f96e2181d\avalon-framework-api-4.3.1.jar<br/>
                            <b>MD5:</b>&nbsp;7c543869a7eb2bad323a54e873973acf<br/>
                            <b>SHA1:</b>&nbsp;2dacadeb49bc14420990b1f28897d46f96e2181d
                                                                                </p>
                                                <h4 id="header243" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content243" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>avalon-framework-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.avalon.framework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>avalon-framework-api-4.3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>avalon</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>framework</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>avalon-framework-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Avalon Framework API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.avalon.framework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Avalon Framework API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>avalon-framework</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.avalon</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>4.3.1</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header244" class="subsectionheader white">Identifiers</h4>
                                                <div id="content244" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222dacadeb49bc14420990b1f28897d46f96e2181d%22" target="_blank">org.apache.avalon.framework:avalon-framework-api:4.3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l119_2d5f5a07fd14513ce6d7a7bfaff69419c26dbd0b"></a>avalon-framework-impl-4.3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Avalon Framework Implementation<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.avalon.framework\avalon-framework-impl\4.3.1\2d5f5a07fd14513ce6d7a7bfaff69419c26dbd0b\avalon-framework-impl-4.3.1.jar<br/>
                            <b>MD5:</b>&nbsp;004ac42a2cda8c444451ef187b24284f<br/>
                            <b>SHA1:</b>&nbsp;2d5f5a07fd14513ce6d7a7bfaff69419c26dbd0b
                                                                                </p>
                                                <h4 id="header245" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content245" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>avalon-framework-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.avalon.framework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>avalon-framework-impl-4.3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>avalon</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>framework</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>avalon-framework-impl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Avalon Framework Implementation</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.avalon.framework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Avalon Framework Implementation</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>avalon-framework</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.avalon</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>4.3.1</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header246" class="subsectionheader white">Identifiers</h4>
                                                <div id="content246" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222d5f5a07fd14513ce6d7a7bfaff69419c26dbd0b%22" target="_blank">org.apache.avalon.framework:avalon-framework-impl:4.3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l120_839abf2a83ab7aa225e4d4f8dd4236803ef977a0"></a>axis2-kernel-1.7.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Core Parts of Axis2. This includes Axis2 engine, Client API, Addressing support, etc.,
    <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.axis2\axis2-kernel\1.7.1\839abf2a83ab7aa225e4d4f8dd4236803ef977a0\axis2-kernel-1.7.1.jar<br/>
                            <b>MD5:</b>&nbsp;70f2a2bb541d649a4e943ee47fc2388a<br/>
                            <b>SHA1:</b>&nbsp;839abf2a83ab7aa225e4d4f8dd4236803ef977a0
                                                                                </p>
                                                <h4 id="header247" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content247" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>axis2-kernel</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>axis2-kernel-1.7.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Axis2 - Kernel</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.7.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Axis2 - Kernel</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>axis2-kernel</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core Parts of Axis2. This includes Axis2 engine, Client API, Addressing support, etc.,
    </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.axis2</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Axis2 - Kernel</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>axis2</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://axis.apache.org/axis2/java/core/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header248" class="subsectionheader white">Identifiers</h4>
                                                <div id="content248" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:axis2:1.7.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('axis2-kernel-1.7.1.jar', '839abf2a83ab7aa225e4d4f8dd4236803ef977a0', 'cpe', 'cpe:/a:apache:axis2:1.7.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22839abf2a83ab7aa225e4d4f8dd4236803ef977a0%22" target="_blank">org.apache.axis2:axis2-kernel:1.7.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header249" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content249" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5351">CVE-2012-5351</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis2-kernel-1.7.1.jar', '839abf2a83ab7aa225e4d4f8dd4236803ef977a0', 'cve', 'CVE-2012-5351')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a &quot;Signature exclusion attack,&quot; a different vulnerability than CVE-2012-4418.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf">http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79487">apache-axis2-saml-sec-bypass(79487)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs10"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis2%3A-">cpe:/a:apache:axis2:-</a> </li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4418">CVE-2012-4418</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis2-kernel-1.7.1.jar', '839abf2a83ab7aa225e4d4f8dd4236803ef977a0', 'cve', 'CVE-2012-4418')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>Apache Axis2 allows remote attackers to forge messages and bypass authentication via an &quot;XML Signature wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/55508">55508</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=856755">https://bugzilla.redhat.com/show_bug.cgi?id=856755</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf">http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2012/09/12/1">[oss-security] 20120912 CVE Request: Apache Axis2 XML Signature Wrapping Attack</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2012/09/13/1">[oss-security] 20120912 Re: CVE Request: Apache Axis2 XML Signature Wrapping Attack</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs11"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis2%3A-">cpe:/a:apache:axis2:-</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l121_54b345d733908b3fc830ac87ede303ec2b7d8c3b"></a>axis2-transport-http-1.7.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;This inclues all the available transports in Axis2<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.axis2\axis2-transport-http\1.7.1\54b345d733908b3fc830ac87ede303ec2b7d8c3b\axis2-transport-http-1.7.1.jar<br/>
                            <b>MD5:</b>&nbsp;58ea78d154f92057c9644f21e99e91c8<br/>
                            <b>SHA1:</b>&nbsp;54b345d733908b3fc830ac87ede303ec2b7d8c3b
                                                                                </p>
                                                <h4 id="header250" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content250" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>axis2-transport-http</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>axis2-transport-http-1.7.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Axis2 - Transport - HTTP</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.7.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Axis2 - Transport - HTTP</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>axis2-transport-http</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>This inclues all the available transports in Axis2</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.axis2</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Axis2 - Transport - HTTP</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>axis2</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://axis.apache.org/axis2/java/core/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header251" class="subsectionheader white">Identifiers</h4>
                                                <div id="content251" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:axis2:1.7.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('axis2-transport-http-1.7.1.jar', '54b345d733908b3fc830ac87ede303ec2b7d8c3b', 'cpe', 'cpe:/a:apache:axis2:1.7.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2254b345d733908b3fc830ac87ede303ec2b7d8c3b%22" target="_blank">org.apache.axis2:axis2-transport-http:1.7.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header252" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content252" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5351">CVE-2012-5351</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis2-transport-http-1.7.1.jar', '54b345d733908b3fc830ac87ede303ec2b7d8c3b', 'cve', 'CVE-2012-5351')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a &quot;Signature exclusion attack,&quot; a different vulnerability than CVE-2012-4418.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf">http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79487">apache-axis2-saml-sec-bypass(79487)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs12"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis2%3A-">cpe:/a:apache:axis2:-</a> </li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4418">CVE-2012-4418</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis2-transport-http-1.7.1.jar', '54b345d733908b3fc830ac87ede303ec2b7d8c3b', 'cve', 'CVE-2012-4418')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>Apache Axis2 allows remote attackers to forge messages and bypass authentication via an &quot;XML Signature wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/55508">55508</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=856755">https://bugzilla.redhat.com/show_bug.cgi?id=856755</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf">http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2012/09/12/1">[oss-security] 20120912 CVE Request: Apache Axis2 XML Signature Wrapping Attack</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2012/09/13/1">[oss-security] 20120912 Re: CVE Request: Apache Axis2 XML Signature Wrapping Attack</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs13"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis2%3A-">cpe:/a:apache:axis2:-</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l122_cfda1532e74015dd978b3d046b19a2749ac300b1"></a>axis2-transport-local-1.7.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;This inclues all the available transports in Axis2<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.axis2\axis2-transport-local\1.7.1\cfda1532e74015dd978b3d046b19a2749ac300b1\axis2-transport-local-1.7.1.jar<br/>
                            <b>MD5:</b>&nbsp;64540c40f6be6421a7e5db8ab7446c5d<br/>
                            <b>SHA1:</b>&nbsp;cfda1532e74015dd978b3d046b19a2749ac300b1
                                                                                </p>
                                                <h4 id="header253" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content253" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>axis2-transport-local</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>axis2-transport-local-1.7.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>This inclues all the available transports in Axis2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>axis2-transport-local</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>axis2-transport-local</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.7.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>axis2-transport-local</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>This inclues all the available transports in Axis2</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.axis2</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Axis2 - Transport - Local</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>axis2</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.axis2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://axis.apache.org/axis2/java/core/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header254" class="subsectionheader white">Identifiers</h4>
                                                <div id="content254" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:axis2:1.7.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('axis2-transport-local-1.7.1.jar', 'cfda1532e74015dd978b3d046b19a2749ac300b1', 'cpe', 'cpe:/a:apache:axis2:1.7.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22cfda1532e74015dd978b3d046b19a2749ac300b1%22" target="_blank">org.apache.axis2:axis2-transport-local:1.7.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header255" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content255" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5351">CVE-2012-5351</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis2-transport-local-1.7.1.jar', 'cfda1532e74015dd978b3d046b19a2749ac300b1', 'cve', 'CVE-2012-5351')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a &quot;Signature exclusion attack,&quot; a different vulnerability than CVE-2012-4418.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf">http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79487">apache-axis2-saml-sec-bypass(79487)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs14"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis2%3A-">cpe:/a:apache:axis2:-</a> </li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4418">CVE-2012-4418</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis2-transport-local-1.7.1.jar', 'cfda1532e74015dd978b3d046b19a2749ac300b1', 'cve', 'CVE-2012-4418')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>Apache Axis2 allows remote attackers to forge messages and bypass authentication via an &quot;XML Signature wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/55508">55508</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=856755">https://bugzilla.redhat.com/show_bug.cgi?id=856755</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf">http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2012/09/12/1">[oss-security] 20120912 CVE Request: Apache Axis2 XML Signature Wrapping Attack</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2012/09/13/1">[oss-security] 20120912 Re: CVE Request: Apache Axis2 XML Signature Wrapping Attack</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs15"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis2%3A-">cpe:/a:apache:axis2:-</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l123_94a9ce681a42d0352b3ad22659f67835e560d107"></a>axis-1.4.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;
      An implementation of the SOAP (&quot;Simple Object Access Protocol&quot;) submission to W3C.
   <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.axis\axis\1.4\94a9ce681a42d0352b3ad22659f67835e560d107\axis-1.4.jar<br/>
                            <b>MD5:</b>&nbsp;03dcfdd88502505cc5a805a128bfdd8d<br/>
                            <b>SHA1:</b>&nbsp;94a9ce681a42d0352b3ad22659f67835e560d107
                                                                                </p>
                                                <h4 id="header256" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content256" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>axis</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>axis</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.axis</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>axis-1.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>axis</td></tr>
                                                                    <tr><td>manifest: org/apache/axis</td><td>Implementation-Title</td><td>Apache Axis</td></tr>
                                                                    <tr><td>manifest: org/apache/axis</td><td>Implementation-Vendor</td><td>Apache Web Services</td></tr>
                                                                    <tr><td>manifest: org/apache/axis</td><td>Implementation-Version</td><td>1.4 1855 April 22 2006</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>axis</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
      An implementation of the SOAP (&quot;Simple Object Access Protocol&quot;) submission to W3C.
   </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>axis</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Axis Web Services</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/axis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                <h4 id="header257" class="subsectionheader white">Identifiers</h4>
                                                <div id="content257" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=axis/axis/1.4/axis-1.4.jar" target="_blank">axis:axis:1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.4" target="_blank">cpe:/a:apache:axis:1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('axis-1.4.jar', '94a9ce681a42d0352b3ad22659f67835e560d107', 'cpe', 'cpe:/a:apache:axis:1.4')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/axis/axis/1.4/axis-1.4.jar" target="_blank">org.apache.axis:axis:1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header258" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content258" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3596">CVE-2014-3596</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis-1.4.jar', '94a9ce681a42d0352b3ad22659f67835e560d107', 'cve', 'CVE-2014-3596')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                            </p>
                            <p>The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field.  NOTE: this issue exists because of an incomplete fix for CVE-2012-5784.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/69295">69295</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-1193.html">http://linux.oracle.com/errata/ELSA-2014-1193.html</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://issues.apache.org/jira/browse/AXIS-2905">https://issues.apache.org/jira/browse/AXIS-2905</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2014/08/20/2">[oss-security] 20140820 CVE-2014-3596 - Apache Axis 1 vulnerable to MITM attack</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1193.html">RHSA-2014:1193</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030745">1030745</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61222">61222</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/95377">apache-axis-cve20143596-spoofing(95377)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs16', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs16"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.4">cpe:/a:apache:axis:1.4</a>  and all previous versions</li>
                                    <li class="vs16">...</li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0">cpe:/a:apache:axis:1.0</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0%3Abeta">cpe:/a:apache:axis:1.0:beta</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0%3Arc1">cpe:/a:apache:axis:1.0:rc1</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0%3Arc2">cpe:/a:apache:axis:1.0:rc2</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1">cpe:/a:apache:axis:1.1</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1%3Abeta">cpe:/a:apache:axis:1.1:beta</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1%3Arc1">cpe:/a:apache:axis:1.1:rc1</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1%3Arc2">cpe:/a:apache:axis:1.1:rc2</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2">cpe:/a:apache:axis:1.2</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Aalpha">cpe:/a:apache:axis:1.2:alpha</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Abeta1">cpe:/a:apache:axis:1.2:beta1</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Abeta2">cpe:/a:apache:axis:1.2:beta2</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Abeta3">cpe:/a:apache:axis:1.2:beta3</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Arc1">cpe:/a:apache:axis:1.2:rc1</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Arc2">cpe:/a:apache:axis:1.2:rc2</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Arc3">cpe:/a:apache:axis:1.2:rc3</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2.1">cpe:/a:apache:axis:1.2.1</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.3">cpe:/a:apache:axis:1.3</a> </li>
                                                                    <li class="vs16 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.4">cpe:/a:apache:axis:1.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5784">CVE-2012-5784</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('axis-1.4.jar', '94a9ce681a42d0352b3ad22659f67835e560d107', 'cve', 'CVE-2012-5784')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
                                                                    <ul>
                                                                            <li>Apache - <a target="_blank" href="http://activemq.apache.org/axis-and-cxf-support.html">http://activemq.apache.org/axis-and-cxf-support.html</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/56408">56408</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf">http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0269.html">RHSA-2013:0269</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0683.html">RHSA-2013:0683</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0037.html">RHSA-2014:0037</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79829">apache-axis-ssl-spoofing(79829)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs17', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs17"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.4">cpe:/a:apache:axis:1.4</a>  and all previous versions</li>
                                    <li class="vs17">...</li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aactivemq%3A5.7.0">cpe:/a:apache:activemq:5.7.0</a>  and all previous versions</li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A-%3Aalpha1">cpe:/a:apache:axis:-:alpha1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A-%3Aalpha2">cpe:/a:apache:axis:-:alpha2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A-%3Aalpha3">cpe:/a:apache:axis:-:alpha3</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A-%3Abeta1">cpe:/a:apache:axis:-:beta1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A-%3Abeta2">cpe:/a:apache:axis:-:beta2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A-%3Abeta3">cpe:/a:apache:axis:-:beta3</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0">cpe:/a:apache:axis:1.0</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0%3Abeta">cpe:/a:apache:axis:1.0:beta</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0%3Arc1">cpe:/a:apache:axis:1.0:rc1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.0%3Arc2">cpe:/a:apache:axis:1.0:rc2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1">cpe:/a:apache:axis:1.1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1%3Abeta">cpe:/a:apache:axis:1.1:beta</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1%3Arc1">cpe:/a:apache:axis:1.1:rc1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.1%3Arc2">cpe:/a:apache:axis:1.1:rc2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2">cpe:/a:apache:axis:1.2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Aalpha">cpe:/a:apache:axis:1.2:alpha</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Abeta1">cpe:/a:apache:axis:1.2:beta1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Abeta2">cpe:/a:apache:axis:1.2:beta2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Abeta3">cpe:/a:apache:axis:1.2:beta3</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Arc1">cpe:/a:apache:axis:1.2:rc1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Arc2">cpe:/a:apache:axis:1.2:rc2</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2%3Arc3">cpe:/a:apache:axis:1.2:rc3</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.2.1">cpe:/a:apache:axis:1.2.1</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.3">cpe:/a:apache:axis:1.3</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aaxis%3A1.4">cpe:/a:apache:axis:1.4</a>  and all previous versions</li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apaypal%3Amass_pay%3A-">cpe:/a:paypal:mass_pay:-</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apaypal%3Apayments_pro%3A-">cpe:/a:paypal:payments_pro:-</a> </li>
                                                                    <li class="vs17 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apaypal%3Atransactional_information_soap%3A-">cpe:/a:paypal:transactional_information_soap:-</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l124_a4cf4688fe1c7e3a63aa636cc96d013af537768e"></a>commons-collections4-4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-collections4\4.1\a4cf4688fe1c7e3a63aa636cc96d013af537768e\commons-collections4-4.1.jar<br/>
                            <b>MD5:</b>&nbsp;45af6a8e5b51d5945de6c7411e290bd1<br/>
                            <b>SHA1:</b>&nbsp;a4cf4688fe1c7e3a63aa636cc96d013af537768e
                                                                                </p>
                                                <h4 id="header259" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content259" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-collections4</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-collections4-4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-collections/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.collections4</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>4.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/COLLECTIONS_4_1_RC2@r1716550; 2015-11-25 22:53:13+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-collections4</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Collections</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>4.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-collections/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header260" class="subsectionheader white">Identifiers</h4>
                                                <div id="content260" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons_collections:4.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-collections4-4.1.jar', 'a4cf4688fe1c7e3a63aa636cc96d013af537768e', 'cpe', 'cpe:/a:apache:commons_collections:4.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a4cf4688fe1c7e3a63aa636cc96d013af537768e%22" target="_blank">org.apache.commons:commons-collections4:4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l125_5eeb27c57eece1faf2d837868aeccc94d84dcc9a"></a>commons-compress-1.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
Apache Commons Compress software defines an API for working with
compression and archive formats.  These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE and ar, cpio,
jar, tar, zip, dump, 7z, arj.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-compress\1.10\5eeb27c57eece1faf2d837868aeccc94d84dcc9a\commons-compress-1.10.jar<br/>
                            <b>MD5:</b>&nbsp;c1169464be26d435f268f03918b6baf7<br/>
                            <b>SHA1:</b>&nbsp;5eeb27c57eece1faf2d837868aeccc94d84dcc9a
                                                                                </p>
                                                <h4 id="header261" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content261" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-compress</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-compress-1.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons Compress software defines an API for working withcompression and archive formats. These include: bzip2, gzip, pack200,lzma, xz, Snappy, traditional Unix Compress, DEFLATE and ar, cpio,jar, tar, zip, dump, 7z, arj.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-compress/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Compress</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.compress</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.10.0</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.commons.compress</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/COMPRESS-1.10-RC3@r1696055; 2015-08-15 17:36:59+0200</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Compress</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.10</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.5))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Compress</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-compress</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
Apache Commons Compress software defines an API for working with
compression and archive formats. These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE and ar, cpio,
jar, tar, zip, dump, 7z, arj. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Compress</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.10</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-compress/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header262" class="subsectionheader white">Identifiers</h4>
                                                <div id="content262" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:commons-compress:1.10
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('commons-compress-1.10.jar', '5eeb27c57eece1faf2d837868aeccc94d84dcc9a', 'cpe', 'cpe:/a:apache:commons-compress:1.10')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%225eeb27c57eece1faf2d837868aeccc94d84dcc9a%22" target="_blank">org.apache.commons:commons-compress:1.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l126_1eeeb118cab7ec49c9a10b478356eff108d5e87e"></a>commons-csv-1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
The Apache Commons CSV library provides a simple interface for reading and writing
CSV files of various types.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-csv\1.1\1eeeb118cab7ec49c9a10b478356eff108d5e87e\commons-csv-1.1.jar<br/>
                            <b>MD5:</b>&nbsp;fe44c93fe2fa4b04ec110ca22874fd03<br/>
                            <b>SHA1:</b>&nbsp;1eeeb118cab7ec49c9a10b478356eff108d5e87e
                                                                                </p>
                                                <h4 id="header263" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content263" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-csv</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-csv-1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Commons CSV library provides a simple interface for reading and writingCSV files of various types.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-csv/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons CSV</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.csv</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/1.1-RC1@r1640030; 2014-11-16 20:47:46+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons CSV</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons CSV</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-csv</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
The Apache Commons CSV library provides a simple interface for reading and writing
CSV files of various types. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons CSV</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-csv/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header264" class="subsectionheader white">Identifiers</h4>
                                                <div id="content264" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221eeeb118cab7ec49c9a10b478356eff108d5e87e%22" target="_blank">org.apache.commons:commons-csv:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l127_95d4eab4b67874f452a69fe84e89f2952c6c27f6"></a>commons-dbcp2-2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Commons DBCP software implements Database Connection Pooling<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-dbcp2\2.1\95d4eab4b67874f452a69fe84e89f2952c6c27f6\commons-dbcp2-2.1.jar<br/>
                            <b>MD5:</b>&nbsp;b24defcf09144cbb5c82985d711c558f<br/>
                            <b>SHA1:</b>&nbsp;95d4eab4b67874f452a69fe84e89f2952c6c27f6
                                                                                </p>
                                                <h4 id="header265" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content265" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-dbcp2</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-dbcp2-2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons DBCP software implements Database Connection Pooling</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/dbcp/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons DBCP</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.dbcp2</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/DBCP_2_1_RC2@r1661059; 2015-02-20 04:34:56+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons DBCP</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons DBCP</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-dbcp2</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Commons DBCP software implements Database Connection Pooling</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons DBCP</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/dbcp/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header266" class="subsectionheader white">Identifiers</h4>
                                                <div id="content266" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2295d4eab4b67874f452a69fe84e89f2952c6c27f6%22" target="_blank">org.apache.commons:commons-dbcp2:2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l128_8dfb9facd0830a27b1b5f29f84593f0aeee7773b"></a>commons-exec-1.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Commons Exec is a library to reliably execute external processes from within the JVM.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-exec\1.3\8dfb9facd0830a27b1b5f29f84593f0aeee7773b\commons-exec-1.3.jar<br/>
                            <b>MD5:</b>&nbsp;8bb8fa2edfd60d5c7ed6bf9923d14aa8<br/>
                            <b>SHA1:</b>&nbsp;8dfb9facd0830a27b1b5f29f84593f0aeee7773b
                                                                                </p>
                                                <h4 id="header267" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content267" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-exec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-exec-1.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons Exec is a library to reliably execute external processes from within the JVM.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-exec/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Exec</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.exec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>trunk@r1636211; 2014-11-02 23:51:55+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Exec</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.5))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Exec</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-exec</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Commons Exec is a library to reliably execute external processes from within the JVM.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Exec</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.3</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-exec/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header268" class="subsectionheader white">Identifiers</h4>
                                                <div id="content268" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%228dfb9facd0830a27b1b5f29f84593f0aeee7773b%22" target="_blank">org.apache.commons:commons-exec:1.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l129_62a559a025fd890c30364296ece14643ba9c8c5b"></a>commons-pool2-2.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Commons Object Pooling Library<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-pool2\2.3\62a559a025fd890c30364296ece14643ba9c8c5b\commons-pool2-2.3.jar<br/>
                            <b>MD5:</b>&nbsp;9f406b4acc111aa8070db5a899149e70<br/>
                            <b>SHA1:</b>&nbsp;62a559a025fd890c30364296ece14643ba9c8c5b
                                                                                </p>
                                                <h4 id="header269" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content269" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-pool2</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-pool2-2.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Commons Object Pooling Library</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-pool/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Pool</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.pool2</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/POOL_2_3_RC2@r1648018; 2014-12-26 21:34:15+0000</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Pool</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Commons Pool</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-pool2</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Commons Object Pooling Library</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Commons Pool</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.3</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-pool/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header270" class="subsectionheader white">Identifiers</h4>
                                                <div id="content270" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2262a559a025fd890c30364296ece14643ba9c8c5b%22" target="_blank">org.apache.commons:commons-pool2:2.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l130_b5af3b9c96b060d77c68fa5ac9384b402dd58013"></a>commons-vfs2-2.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;VFS is a Virtual File System library.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.commons\commons-vfs2\2.0\b5af3b9c96b060d77c68fa5ac9384b402dd58013\commons-vfs2-2.0.jar<br/>
                            <b>MD5:</b>&nbsp;a2cabc6a91a9de9e3d5d460b06d65b45<br/>
                            <b>SHA1:</b>&nbsp;b5af3b9c96b060d77c68fa5ac9384b402dd58013
                                                                                </p>
                                                <h4 id="header271" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content271" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>commons-vfs2</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>commons-vfs2-2.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>VFS is a Virtual File System library.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/vfs/commons-vfs2/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Commons VFS Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.vfs</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Commons VFS Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Commons VFS Core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-vfs2</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>VFS is a Virtual File System library.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons VFS Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-vfs2-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header272" class="subsectionheader white">Identifiers</h4>
                                                <div id="content272" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b5af3b9c96b060d77c68fa5ac9384b402dd58013%22" target="_blank">org.apache.commons:commons-vfs2:2.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l131_84feebaa8526f4984566f6a32f55d7689800acf9"></a>curator-client-2.8.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Low-level API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.curator\curator-client\2.8.0\84feebaa8526f4984566f6a32f55d7689800acf9\curator-client-2.8.0.jar<br/>
                            <b>MD5:</b>&nbsp;c9092076fe5ede652f89465d6a859dfa<br/>
                            <b>SHA1:</b>&nbsp;84feebaa8526f4984566f6a32f55d7689800acf9
                                                                                </p>
                                                <h4 id="header273" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content273" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>curator-client</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.curator</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>curator-client-2.8.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Low-level API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Curator Client</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>curator-client</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.8.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>curator-client</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Low-level API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.curator</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Curator Client</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache-curator</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.curator</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.8.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header274" class="subsectionheader white">Identifiers</h4>
                                                <div id="content274" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2284feebaa8526f4984566f6a32f55d7689800acf9%22" target="_blank">org.apache.curator:curator-client:2.8.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l132_f8edc9156084ad19ae50ae5958bf218a08351834"></a>curator-framework-2.8.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;High-level API that greatly simplifies using ZooKeeper.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.curator\curator-framework\2.8.0\f8edc9156084ad19ae50ae5958bf218a08351834\curator-framework-2.8.0.jar<br/>
                            <b>MD5:</b>&nbsp;1ef0e8c00272ceba66741ee16773c5cd<br/>
                            <b>SHA1:</b>&nbsp;f8edc9156084ad19ae50ae5958bf218a08351834
                                                                                </p>
                                                <h4 id="header275" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content275" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>curator-framework</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.curator</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>curator-framework-2.8.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>High-level API that greatly simplifies using ZooKeeper.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Curator Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>curator-framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.8.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>curator-framework</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>High-level API that greatly simplifies using ZooKeeper.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.curator</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Curator Framework</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache-curator</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.curator</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.8.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header276" class="subsectionheader white">Identifiers</h4>
                                                <div id="content276" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:zookeeper:2.8.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('curator-framework-2.8.0.jar', 'f8edc9156084ad19ae50ae5958bf218a08351834', 'cpe', 'cpe:/a:apache:zookeeper:2.8.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22f8edc9156084ad19ae50ae5958bf218a08351834%22" target="_blank">org.apache.curator:curator-framework:2.8.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header277" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content277" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085">CVE-2014-0085</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('curator-framework-2.8.0.jar', 'f8edc9156084ad19ae50ae5958bf218a08351834', 'cve', 'CVE-2014-0085')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1067265">https://bugzilla.redhat.com/show_bug.cgi?id=1067265</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs18', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs18"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Azookeeper%3A-">cpe:/a:apache:zookeeper:-</a> </li>
                                    <li class="vs18">...</li>
                                                                    <li class="vs18 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Azookeeper%3A-">cpe:/a:apache:zookeeper:-</a> </li>
                                                                    <li class="vs18 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_fuse%3A6.0.0">cpe:/a:redhat:jboss_fuse:6.0.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l133_c563e25fb37f85a6b029bc9746e75573640474fb"></a>curator-recipes-2.8.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;All of the recipes listed on the ZooKeeper recipes doc (except two phase commit).<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.curator\curator-recipes\2.8.0\c563e25fb37f85a6b029bc9746e75573640474fb\curator-recipes-2.8.0.jar<br/>
                            <b>MD5:</b>&nbsp;d0cda7ac1d3317646df990366d89110b<br/>
                            <b>SHA1:</b>&nbsp;c563e25fb37f85a6b029bc9746e75573640474fb
                                                                                </p>
                                                <h4 id="header278" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content278" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>curator-recipes</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.curator</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>curator-recipes-2.8.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.8.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>All of the recipes listed on the ZooKeeper recipes doc (except two phase commit).</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Curator Recipes</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>curator-recipes</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.8.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>curator-recipes</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>All of the recipes listed on the ZooKeeper recipes doc (except two phase commit).</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.curator</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Curator Recipes</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache-curator</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.curator</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.8.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header279" class="subsectionheader white">Identifiers</h4>
                                                <div id="content279" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:zookeeper:2.8.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('curator-recipes-2.8.0.jar', 'c563e25fb37f85a6b029bc9746e75573640474fb', 'cpe', 'cpe:/a:apache:zookeeper:2.8.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22c563e25fb37f85a6b029bc9746e75573640474fb%22" target="_blank">org.apache.curator:curator-recipes:2.8.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header280" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content280" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085">CVE-2014-0085</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('curator-recipes-2.8.0.jar', 'c563e25fb37f85a6b029bc9746e75573640474fb', 'cve', 'CVE-2014-0085')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1067265">https://bugzilla.redhat.com/show_bug.cgi?id=1067265</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs19', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs19"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Azookeeper%3A-">cpe:/a:apache:zookeeper:-</a> </li>
                                    <li class="vs19">...</li>
                                                                    <li class="vs19 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Azookeeper%3A-">cpe:/a:apache:zookeeper:-</a> </li>
                                                                    <li class="vs19 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_fuse%3A6.0.0">cpe:/a:redhat:jboss_fuse:6.0.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l134_d1c97f02c6ca0bab8b3c5315237c510523b86310"></a>cxf-core-3.0.3.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Apache CXF Core<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.cxf\cxf-core\3.0.3\d1c97f02c6ca0bab8b3c5315237c510523b86310\cxf-core-3.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;a8deb80a65573c98d1399d2447771f16<br/>
                            <b>SHA1:</b>&nbsp;d1c97f02c6ca0bab8b3c5315237c510523b86310
                                                                                </p>
                                                <h4 id="header281" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content281" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cxf-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cxf-core-3.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache CXF Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache CXF Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.cxf.cxf-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>export-service</td><td>org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/blueprint/core&quot;,org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/configuration/beans&quot;,org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/configuration/parameterized-types&quot;,org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/configuration/security&quot;,org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://schemas.xmlsoap.org/wsdl/&quot;,</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cxf-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache CXF Core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache CXF Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>cxf-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header282" class="subsectionheader white">Identifiers</h4>
                                                <div id="content282" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:cxf:3.0.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('cxf-core-3.0.3.jar', 'd1c97f02c6ca0bab8b3c5315237c510523b86310', 'cpe', 'cpe:/a:apache:cxf:3.0.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22d1c97f02c6ca0bab8b3c5315237c510523b86310%22" target="_blank">org.apache.cxf:cxf-core:3.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header283" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content283" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5253">CVE-2015-5253</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-core-3.0.3.jar', 'd1c97f02c6ca0bab8b3c5315237c510523b86310', 'cve', 'CVE-2015-5253')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a &quot;wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc">http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0">https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2015/11/14/1">[oss-security] 20151114 New security advisory for Apache CXF</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0321.html">RHSA-2016:0321</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1034162">1034162</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs20', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs20"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                    <li class="vs20">...</li>
                                                                    <li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.7.17">cpe:/a:apache:cxf:2.7.17</a>  and all previous versions</li>
                                                                    <li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                                                    <li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.1.2">cpe:/a:apache:cxf:3.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5786">CVE-2012-5786</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-core-3.0.3.jar', 'd1c97f02c6ca0bab8b3c5315237c510523b86310', 'cve', 'CVE-2012-5786')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf">http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79983">apache-cxf-ssl-spoofing(79983)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs21', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs21"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                    <li class="vs21">...</li>
                                                                    <li class="vs21 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                                                    <li class="vs21 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.6.0">cpe:/a:apache:cxf:2.6.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l135_284a35801aef259c0d61edb938865b5b125403ac"></a>cxf-rt-frontend-jaxrs-3.0.3.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Apache CXF Runtime JAX-RS Frontend<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.cxf\cxf-rt-frontend-jaxrs\3.0.3\284a35801aef259c0d61edb938865b5b125403ac\cxf-rt-frontend-jaxrs-3.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;51ba3420493d0571129e7b3a6ea93337<br/>
                            <b>SHA1:</b>&nbsp;284a35801aef259c0d61edb938865b5b125403ac
                                                                                </p>
                                                <h4 id="header284" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content284" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cxf-rt-frontend-jaxrs</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cxf-rt-frontend-jaxrs-3.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache CXF Runtime JAX-RS Frontend</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache CXF Runtime JAX-RS Frontend</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.cxf.cxf-rt-frontend-jaxrs</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>export-service</td><td>org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/blueprint/jaxrs&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cxf-rt-frontend-jaxrs</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache CXF Runtime JAX-RS Frontend</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache CXF Runtime JAX-RS Frontend</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>cxf-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header285" class="subsectionheader white">Identifiers</h4>
                                                <div id="content285" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:cxf:3.0.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('cxf-rt-frontend-jaxrs-3.0.3.jar', '284a35801aef259c0d61edb938865b5b125403ac', 'cpe', 'cpe:/a:apache:cxf:3.0.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22284a35801aef259c0d61edb938865b5b125403ac%22" target="_blank">org.apache.cxf:cxf-rt-frontend-jaxrs:3.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header286" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content286" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5253">CVE-2015-5253</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-rt-frontend-jaxrs-3.0.3.jar', '284a35801aef259c0d61edb938865b5b125403ac', 'cve', 'CVE-2015-5253')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a &quot;wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc">http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0">https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2015/11/14/1">[oss-security] 20151114 New security advisory for Apache CXF</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0321.html">RHSA-2016:0321</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1034162">1034162</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs22', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs22"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                    <li class="vs22">...</li>
                                                                    <li class="vs22 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.7.17">cpe:/a:apache:cxf:2.7.17</a>  and all previous versions</li>
                                                                    <li class="vs22 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                                                    <li class="vs22 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.1.2">cpe:/a:apache:cxf:3.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5786">CVE-2012-5786</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-rt-frontend-jaxrs-3.0.3.jar', '284a35801aef259c0d61edb938865b5b125403ac', 'cve', 'CVE-2012-5786')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf">http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79983">apache-cxf-ssl-spoofing(79983)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs23', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs23"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                    <li class="vs23">...</li>
                                                                    <li class="vs23 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                                                    <li class="vs23 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.6.0">cpe:/a:apache:cxf:2.6.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l136_45eabb80eb52ac54111c71e0d6f34c9c93f99b0d"></a>cxf-rt-rs-client-3.0.3.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Apache CXF JAX-RS Client<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.cxf\cxf-rt-rs-client\3.0.3\45eabb80eb52ac54111c71e0d6f34c9c93f99b0d\cxf-rt-rs-client-3.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;db443330f478b586ec67d07b3c4b8c8e<br/>
                            <b>SHA1:</b>&nbsp;45eabb80eb52ac54111c71e0d6f34c9c93f99b0d
                                                                                </p>
                                                <h4 id="header287" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content287" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cxf-rt-rs-client</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cxf-rt-rs-client-3.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache CXF JAX-RS Client</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache CXF JAX-RS Client</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.cxf.cxf-rt-rs-client</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>export-service</td><td>org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/blueprint/jaxrs-client&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cxf-rt-rs-client</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache CXF JAX-RS Client</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache CXF JAX-RS Client</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>cxf-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header288" class="subsectionheader white">Identifiers</h4>
                                                <div id="content288" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:cxf:3.0.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('cxf-rt-rs-client-3.0.3.jar', '45eabb80eb52ac54111c71e0d6f34c9c93f99b0d', 'cpe', 'cpe:/a:apache:cxf:3.0.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2245eabb80eb52ac54111c71e0d6f34c9c93f99b0d%22" target="_blank">org.apache.cxf:cxf-rt-rs-client:3.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header289" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content289" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5253">CVE-2015-5253</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-rt-rs-client-3.0.3.jar', '45eabb80eb52ac54111c71e0d6f34c9c93f99b0d', 'cve', 'CVE-2015-5253')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a &quot;wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc">http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0">https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2015/11/14/1">[oss-security] 20151114 New security advisory for Apache CXF</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0321.html">RHSA-2016:0321</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1034162">1034162</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs24', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs24"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                    <li class="vs24">...</li>
                                                                    <li class="vs24 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.7.17">cpe:/a:apache:cxf:2.7.17</a>  and all previous versions</li>
                                                                    <li class="vs24 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                                                    <li class="vs24 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.1.2">cpe:/a:apache:cxf:3.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5786">CVE-2012-5786</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-rt-rs-client-3.0.3.jar', '45eabb80eb52ac54111c71e0d6f34c9c93f99b0d', 'cve', 'CVE-2012-5786')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf">http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79983">apache-cxf-ssl-spoofing(79983)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs25', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs25"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                    <li class="vs25">...</li>
                                                                    <li class="vs25 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                                                    <li class="vs25 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.6.0">cpe:/a:apache:cxf:2.6.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l137_d0fe9957966496bcc9550dddfbe5100d84105d75"></a>cxf-rt-transports-http-3.0.3.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Apache CXF Runtime HTTP Transport<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.cxf\cxf-rt-transports-http\3.0.3\d0fe9957966496bcc9550dddfbe5100d84105d75\cxf-rt-transports-http-3.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;ed6f375bb82fe8a226195ac15ff21d57<br/>
                            <b>SHA1:</b>&nbsp;d0fe9957966496bcc9550dddfbe5100d84105d75
                                                                                </p>
                                                <h4 id="header290" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content290" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cxf-rt-transports-http</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cxf-rt-transports-http-3.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache CXF Runtime HTTP Transport</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache CXF Runtime HTTP Transport</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.cxf.cxf-rt-transports-http</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>export-service</td><td>org.apache.aries.blueprint.NamespaceHandler;osgi.service.blueprint.namespace=&quot;http://cxf.apache.org/transports/http/configuration&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cxf-rt-transports-http</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache CXF Runtime HTTP Transport</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache CXF Runtime HTTP Transport</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>cxf-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.cxf</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://cxf.apache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header291" class="subsectionheader white">Identifiers</h4>
                                                <div id="content291" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:cxf:3.0.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('cxf-rt-transports-http-3.0.3.jar', 'd0fe9957966496bcc9550dddfbe5100d84105d75', 'cpe', 'cpe:/a:apache:cxf:3.0.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22d0fe9957966496bcc9550dddfbe5100d84105d75%22" target="_blank">org.apache.cxf:cxf-rt-transports-http:3.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header292" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content292" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5253">CVE-2015-5253</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-rt-transports-http-3.0.3.jar', 'd0fe9957966496bcc9550dddfbe5100d84105d75', 'cve', 'CVE-2015-5253')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a &quot;wrapping attack.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc">http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0">https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2015/11/14/1">[oss-security] 20151114 New security advisory for Apache CXF</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0321.html">RHSA-2016:0321</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1034162">1034162</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs26', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs26"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                    <li class="vs26">...</li>
                                                                    <li class="vs26 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.7.17">cpe:/a:apache:cxf:2.7.17</a>  and all previous versions</li>
                                                                    <li class="vs26 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.0.6">cpe:/a:apache:cxf:3.0.6</a>  and all previous versions</li>
                                                                    <li class="vs26 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A3.1.2">cpe:/a:apache:cxf:3.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5786">CVE-2012-5786</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('cxf-rt-transports-http-3.0.3.jar', 'd0fe9957966496bcc9550dddfbe5100d84105d75', 'cve', 'CVE-2012-5786')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf">http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/79983">apache-cxf-ssl-spoofing(79983)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs27', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs27"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                    <li class="vs27">...</li>
                                                                    <li class="vs27 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A-">cpe:/a:apache:cxf:-</a> </li>
                                                                    <li class="vs27 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Acxf%3A2.6.0">cpe:/a:apache:cxf:2.6.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l138_df4b50061e8e4c348ce243b921f53ee63ba9bbe1"></a>derby-10.11.1.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Contains the core Apache Derby database engine, which also includes the embedded JDBC driver.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.derby\derby\10.11.1.1\df4b50061e8e4c348ce243b921f53ee63ba9bbe1\derby-10.11.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;afe613d20dabc4eae9b025375adb7e84<br/>
                            <b>SHA1:</b>&nbsp;df4b50061e8e4c348ce243b921f53ee63ba9bbe1
                                                                                </p>
                                                <h4 id="header293" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content293" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>derby</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.derby</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>10.11.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>derby-10.11.1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>10.11.1.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>derby</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>impl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Derby 10.11</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>derby</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>10.11.1000001.1616546</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>derby</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Contains the core Apache Derby database engine, which also includes the embedded JDBC driver.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.derby</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Derby Database Engine and Embedded JDBC Driver</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>derby-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.derby</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>10.11.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header294" class="subsectionheader white">Identifiers</h4>
                                                <div id="content294" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:derby:10.11.1.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('derby-10.11.1.1.jar', 'df4b50061e8e4c348ce243b921f53ee63ba9bbe1', 'cpe', 'cpe:/a:apache:derby:10.11.1.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/derby/derby/10.11.1.1/derby-10.11.1.1.jar" target="_blank">org.apache.derby:derby:10.11.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header295" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content295" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1832">CVE-2015-1832</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('derby-10.11.1.1.jar', 'df4b50061e8e4c348ce243b921f53ee63ba9bbe1', 'cve', 'CVE-2015-1832')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/93132">93132</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21990100">http://www-01.ibm.com/support/docview.wss?uid=swg21990100</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/DERBY-6807">https://issues.apache.org/jira/browse/DERBY-6807</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://svn.apache.org/viewvc?view=revision&amp;revision=1691461">https://svn.apache.org/viewvc?view=revision&revision=1691461</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs28"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.12.1">cpe:/a:apache:derby:10.12.1</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l139_1cfdfcff3cd6a805be401946ab14213b0bad9cb4"></a>geronimo-transaction-3.1.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Apache Geronimo Transaction Manager<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.components\geronimo-transaction\3.1.1\1cfdfcff3cd6a805be401946ab14213b0bad9cb4\geronimo-transaction-3.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;e1caa0d3071d1a541b9de1987061d401<br/>
                            <b>SHA1:</b>&nbsp;1cfdfcff3cd6a805be401946ab14213b0bad9cb4
                                                                                </p>
                                                <h4 id="header296" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content296" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-transaction</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.components</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-transaction-3.1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Geronimo Transaction Manager</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://geronimo.apache.org/maven/components/geronimo-transaction/3.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Geronimo TxManager :: Transaction</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.components.geronimo-transaction</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Geronimo TxManager :: Transaction</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.1.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-transaction</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Geronimo Transaction Manager</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.components</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Geronimo TxManager :: Transaction</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>geronimo-txmanager-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.components</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://geronimo.apache.org/maven/${siteId}/${project.version}</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header297" class="subsectionheader white">Identifiers</h4>
                                                <div id="content297" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Ageronimo" target="_blank">cpe:/a:apache:geronimo:3.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('geronimo-transaction-3.1.1.jar', '1cfdfcff3cd6a805be401946ab14213b0bad9cb4', 'cpe', 'cpe:/a:apache:geronimo:3.1.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221cfdfcff3cd6a805be401946ab14213b0bad9cb4%22" target="_blank">org.apache.geronimo.components:geronimo-transaction:3.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header298" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content298" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0732">CVE-2008-0732</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('geronimo-transaction-3.1.1.jar', '1cfdfcff3cd6a805be401946ab14213b0bad9cb4', 'cve', 'CVE-2008-0732')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
                            </p>
                            <p>The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
                                                                    <ul>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs29"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ageronimo">cpe:/a:apache:geronimo</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l140_f15af1b53fba7f23ce5e9de4fb57a88585aa9eee"></a>geronimo-activation_1.1_spec-1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java Activation Spec API 1.1<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-activation_1.1_spec\1.1\f15af1b53fba7f23ce5e9de4fb57a88585aa9eee\geronimo-activation_1.1_spec-1.1.jar<br/>
                            <b>MD5:</b>&nbsp;6f2756f073402855a1567c1523f66b9b<br/>
                            <b>SHA1:</b>&nbsp;f15af1b53fba7f23ce5e9de4fb57a88585aa9eee
                                                                                </p>
                                                <h4 id="header299" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content299" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-activation_1.1_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-activation_1.1_spec-1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java Activation Spec API 1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://geronimo.apache.org/maven/specs/geronimo-activation_1.1_spec/1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Activation 1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.specs.geronimo-activation_1.1_spec;singleton=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Activation 1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>JSR-925 Java Activation Framework 1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-activation_1.1_spec</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java Activation Spec API 1.1</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Activation 1.1</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>genesis-java5-flava</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.genesis</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://geronimo.apache.org/maven/${siteId}/${version}</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header300" class="subsectionheader white">Identifiers</h4>
                                                <div id="content300" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22f15af1b53fba7f23ce5e9de4fb57a88585aa9eee%22" target="_blank">org.apache.geronimo.specs:geronimo-activation_1.1_spec:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l141_a1a1cb635415af603ffba27987ffcd3422fb7801"></a>geronimo-j2ee-connector_1.6_spec-1.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java 2 Connector Architecture API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-j2ee-connector_1.6_spec\1.0\a1a1cb635415af603ffba27987ffcd3422fb7801\geronimo-j2ee-connector_1.6_spec-1.0.jar<br/>
                            <b>MD5:</b>&nbsp;f4add9eb4ff4b8c4d7591852e6d04e5f<br/>
                            <b>SHA1:</b>&nbsp;a1a1cb635415af603ffba27987ffcd3422fb7801
                                                                                </p>
                                                <h4 id="header301" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content301" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-j2ee-connector_1.6_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-j2ee-connector_1.6_spec-1.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java 2 Connector Architecture API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://geronimo.apache.org/maven/specs/geronimo-j2ee-connector_1.6_spec/1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>J2EE Connector 1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.specs.geronimo-j2ee-connector_1.6_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>J2EE Connector 1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-j2ee-connector_1.6_spec</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java 2 Connector Architecture API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>J2EE Connector 1.6</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>genesis-java5-flava</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.genesis</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://geronimo.apache.org/maven/${siteId}/${version}</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header302" class="subsectionheader white">Identifiers</h4>
                                                <div id="content302" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a1a1cb635415af603ffba27987ffcd3422fb7801%22" target="_blank">org.apache.geronimo.specs:geronimo-j2ee-connector_1.6_spec:1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l142_b0b1d499b5c7f53ed65fa1aadd6cfaf743480e1b"></a>geronimo-jaxrpc_1.1_spec-1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-jaxrpc_1.1_spec\1.1\b0b1d499b5c7f53ed65fa1aadd6cfaf743480e1b\geronimo-jaxrpc_1.1_spec-1.1.jar<br/>
                            <b>MD5:</b>&nbsp;ee8d28584b602a03da5f9b4c068b2d53<br/>
                            <b>SHA1:</b>&nbsp;b0b1d499b5c7f53ed65fa1aadd6cfaf743480e1b
                                                                                </p>
                                                <h4 id="header303" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content303" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-jaxrpc_1.1_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-jaxrpc_1.1_spec-1.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>rpc</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-jaxrpc_1.1_spec</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JAXRPC 1.1</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header304" class="subsectionheader white">Identifiers</h4>
                                                <div id="content304" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b0b1d499b5c7f53ed65fa1aadd6cfaf743480e1b%22" target="_blank">org.apache.geronimo.specs:geronimo-jaxrpc_1.1_spec:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l143_c872b46c601d8dc03633288b81269f9e42762cea"></a>geronimo-jms_1.1_spec-1.1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Provides open-source implementations of Sun specifications.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-jms_1.1_spec\1.1.1\c872b46c601d8dc03633288b81269f9e42762cea\geronimo-jms_1.1_spec-1.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;d80ce71285696d36c1add1989b94f084<br/>
                            <b>SHA1:</b>&nbsp;c872b46c601d8dc03633288b81269f9e42762cea
                                                                                </p>
                                                <h4 id="header305" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content305" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-jms_1.1_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-jms_1.1_spec-1.1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Provides open-source implementations of Sun specifications.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>geronimo-jms_1.1_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.specs.geronimo-jms_1.1_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Geronimo</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-jms_1.1_spec</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JMS 1.1</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1.1</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header306" class="subsectionheader white">Identifiers</h4>
                                                <div id="content306" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22c872b46c601d8dc03633288b81269f9e42762cea%22" target="_blank">org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l144_aabab3165b8ea936b9360abbf448459c0d04a5a4"></a>geronimo-jta_1.1_spec-1.1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Provides open-source implementations of Sun specifications.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-jta_1.1_spec\1.1.1\aabab3165b8ea936b9360abbf448459c0d04a5a4\geronimo-jta_1.1_spec-1.1.1.jar<br/>
                            <b>MD5:</b>&nbsp;4aa8d50456bcec0bf6f032ceb182ad64<br/>
                            <b>SHA1:</b>&nbsp;aabab3165b8ea936b9360abbf448459c0d04a5a4
                                                                                </p>
                                                <h4 id="header307" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content307" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-jta_1.1_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-jta_1.1_spec-1.1.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Provides open-source implementations of Sun specifications.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>geronimo-jta_1.1_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.specs.geronimo-jta_1.1_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Geronimo</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-jta_1.1_spec</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JTA 1.1</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1.1</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header308" class="subsectionheader white">Identifiers</h4>
                                                <div id="content308" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22aabab3165b8ea936b9360abbf448459c0d04a5a4%22" target="_blank">org.apache.geronimo.specs:geronimo-jta_1.1_spec:1.1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l145_1c171093a8b43aa550c6050ac441abe713ebb4f2"></a>geronimo-stax-api_1.0_spec-1.0.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Provides open-source implementations of Sun specifications.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-stax-api_1.0_spec\1.0.1\1c171093a8b43aa550c6050ac441abe713ebb4f2\geronimo-stax-api_1.0_spec-1.0.1.jar<br/>
                            <b>MD5:</b>&nbsp;b7c2a715cd3d1c43dc4ccfae426e8e2e<br/>
                            <b>SHA1:</b>&nbsp;1c171093a8b43aa550c6050ac441abe713ebb4f2
                                                                                </p>
                                                <h4 id="header309" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content309" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-stax-api_1.0_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-stax-api_1.0_spec-1.0.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Provides open-source implementations of Sun specifications.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>geronimo-stax-api_1.0_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.specs.geronimo-stax-api_1.0_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Geronimo</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-stax-api_1.0_spec</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Streaming API for XML (STAX API 1.0)</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.0.1</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header310" class="subsectionheader white">Identifiers</h4>
                                                <div id="content310" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221c171093a8b43aa550c6050ac441abe713ebb4f2%22" target="_blank">org.apache.geronimo.specs:geronimo-stax-api_1.0_spec:1.0.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l146_7be9f049b4f0f0cf045675be5a0ff709d57cbc6a"></a>geronimo-ws-metadata_2.0_spec-1.1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Provides open-source implementations of Sun specifications.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.geronimo.specs\geronimo-ws-metadata_2.0_spec\1.1.2\7be9f049b4f0f0cf045675be5a0ff709d57cbc6a\geronimo-ws-metadata_2.0_spec-1.1.2.jar<br/>
                            <b>MD5:</b>&nbsp;3d0fbbca45e8877dee74e83bc83317d5<br/>
                            <b>SHA1:</b>&nbsp;7be9f049b4f0f0cf045675be5a0ff709d57cbc6a
                                                                                </p>
                                                <h4 id="header311" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content311" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geronimo-ws-metadata_2.0_spec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geronimo-ws-metadata_2.0_spec-1.1.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Provides open-source implementations of Sun specifications.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>geronimo-ws-metadata_2.0_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.geronimo.specs.geronimo-ws-metadata_2.0_spec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Geronimo</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.1.2</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geronimo-ws-metadata_2.0_spec</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Web Services Metadata 2.0</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.geronimo.specs</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1.2</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header312" class="subsectionheader white">Identifiers</h4>
                                                <div id="content312" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%227be9f049b4f0f0cf045675be5a0ff709d57cbc6a%22" target="_blank">org.apache.geronimo.specs:geronimo-ws-metadata_2.0_spec:1.1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l147_80693ef2884927ee3c5464a7539fcfa4af382e14"></a>hadoop-annotations-2.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Hadoop Annotations<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.hadoop\hadoop-annotations\2.7.2\80693ef2884927ee3c5464a7539fcfa4af382e14\hadoop-annotations-2.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;56e87afd2bf0d893ccb41142cacd6608<br/>
                            <b>SHA1:</b>&nbsp;80693ef2884927ee3c5464a7539fcfa4af382e14
                                                                                </p>
                                                <h4 id="header313" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content313" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hadoop-annotations</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hadoop-annotations-2.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>classification</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hadoop</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hadoop-annotations</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Hadoop Annotations</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Hadoop Annotations</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hadoop-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header314" class="subsectionheader white">Identifiers</h4>
                                                <div id="content314" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:hadoop:2.7.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('hadoop-annotations-2.7.2.jar', '80693ef2884927ee3c5464a7539fcfa4af382e14', 'cpe', 'cpe:/a:apache:hadoop:2.7.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2280693ef2884927ee3c5464a7539fcfa4af382e14%22" target="_blank">org.apache.hadoop:hadoop-annotations:2.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l148_bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72"></a>hadoop-auth-2.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Hadoop Auth - Java HTTP SPNEGO<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.hadoop\hadoop-auth\2.7.2\bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72\hadoop-auth-2.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;3aa98787a5b66b696c315ff78d61b355<br/>
                            <b>SHA1:</b>&nbsp;bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72
                                                                                </p>
                                                <h4 id="header315" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content315" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hadoop-auth</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hadoop-auth-2.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>authentication</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hadoop</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>security</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hadoop-auth</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Hadoop Auth - Java HTTP SPNEGO</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Hadoop Auth</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hadoop-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header316" class="subsectionheader white">Identifiers</h4>
                                                <div id="content316" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:hadoop:2.7.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('hadoop-auth-2.7.2.jar', 'bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72', 'cpe', 'cpe:/a:apache:hadoop:2.7.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22bf613cfec06a1f3d3a91d7f82f9e4af75bc01f72%22" target="_blank">org.apache.hadoop:hadoop-auth:2.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l149_422eb48913fa6f81835b3192c97a576505b6c192"></a>hadoop-common-2.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Hadoop Common<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.hadoop\hadoop-common\2.7.2\422eb48913fa6f81835b3192c97a576505b6c192\hadoop-common-2.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;8046d8c1f63ce2a6b1d331825c504f8b<br/>
                            <b>SHA1:</b>&nbsp;422eb48913fa6f81835b3192c97a576505b6c192
                                                                                </p>
                                                <h4 id="header317" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content317" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hadoop-common</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hadoop-common-2.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hadoop</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hadoop-common</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Hadoop Common</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Hadoop Common</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hadoop-project-dist</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header318" class="subsectionheader white">Identifiers</h4>
                                                <div id="content318" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:hadoop:2.7.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('hadoop-common-2.7.2.jar', '422eb48913fa6f81835b3192c97a576505b6c192', 'cpe', 'cpe:/a:apache:hadoop:2.7.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22422eb48913fa6f81835b3192c97a576505b6c192%22" target="_blank">org.apache.hadoop:hadoop-common:2.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l150_3c304b3d9227fbf8af8bc1cab013271538c3cf0a"></a>hadoop-hdfs-2.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Hadoop HDFS<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.hadoop\hadoop-hdfs\2.7.2\3c304b3d9227fbf8af8bc1cab013271538c3cf0a\hadoop-hdfs-2.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;f7db56210c32714e003e96127cef4caa<br/>
                            <b>SHA1:</b>&nbsp;3c304b3d9227fbf8af8bc1cab013271538c3cf0a
                                                                                </p>
                                                <h4 id="header319" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content319" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hadoop-hdfs</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hadoop-hdfs-2.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hadoop</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hdfs</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hadoop-hdfs</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Hadoop HDFS</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Hadoop HDFS</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hadoop-project-dist</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.hadoop</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header320" class="subsectionheader white">Identifiers</h4>
                                                <div id="content320" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:hadoop:2.7.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('hadoop-hdfs-2.7.2.jar', '3c304b3d9227fbf8af8bc1cab013271538c3cf0a', 'cpe', 'cpe:/a:apache:hadoop:2.7.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223c304b3d9227fbf8af8bc1cab013271538c3cf0a%22" target="_blank">org.apache.hadoop:hadoop-hdfs:2.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l151_8797cf3230f01e8724ef27a0ed565dabb6998c64"></a>htrace-core-3.2.0-incubating.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.htrace\htrace-core\3.2.0-incubating\8797cf3230f01e8724ef27a0ed565dabb6998c64\htrace-core-3.2.0-incubating.jar<br/>
                            <b>MD5:</b>&nbsp;0b1b1a63aca83a11545de49218a251bf<br/>
                            <b>SHA1:</b>&nbsp;8797cf3230f01e8724ef27a0ed565dabb6998c64
                                                                                </p>
                                                <h4 id="header321" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content321" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>htrace-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.htrace</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.2.0-incubating</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>htrace-core-3.2.0-incubating</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.2.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>fasterxml</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>htrace</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jackson</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>htrace-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.htrace</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.2.0-incubating</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>htrace-core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>htrace-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.htrace</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>htrace-core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>htrace</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.htrace</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://incubator.apache.org/projects/htrace.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.2.0-incubating</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header322" class="subsectionheader white">Identifiers</h4>
                                                <div id="content322" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/htrace/htrace-core/3.2.0-incubating/htrace-core-3.2.0-incubating.jar" target="_blank">org.apache.htrace:htrace-core:3.2.0-incubating</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l152_ed8235ea6d84480833675e709b415bde24ce25f7"></a>htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Core Jackson abstractions, basic JSON streaming API implementation
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.htrace\htrace-core\3.2.0-incubating\8797cf3230f01e8724ef27a0ed565dabb6998c64\htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml<br/>
                            <b>MD5:</b>&nbsp;b5ed6cb7f987a4da86141638b1538d81<br/>
                            <b>SHA1:</b>&nbsp;ed8235ea6d84480833675e709b415bde24ce25f7
                                                                                </p>
                                                <h4 id="header323" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content323" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core Jackson abstractions, basic JSON streaming API implementation
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jackson-core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jackson-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.4.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://wiki.fasterxml.com/JacksonHome</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header324" class="subsectionheader white">Identifiers</h4>
                                                <div id="content324" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;com.fasterxml.jackson.core:jackson-core:2.4.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l153_3c0d06b6c0a9f4135fcf5c5557c751c0cd066c0c"></a>htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;General data-binding functionality for Jackson: works on core streaming API<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.htrace\htrace-core\3.2.0-incubating\8797cf3230f01e8724ef27a0ed565dabb6998c64\htrace-core-3.2.0-incubating.jar\META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml<br/>
                            <b>MD5:</b>&nbsp;d3f7afe903419aa0c03f9cf8682e1a69<br/>
                            <b>SHA1:</b>&nbsp;3c0d06b6c0a9f4135fcf5c5557c751c0cd066c0c
                                                                                </p>
                                                <h4 id="header325" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content325" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-databind</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>General data-binding functionality for Jackson: works on core streaming API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>jackson-databind</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jackson-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.4.0</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://wiki.fasterxml.com/JacksonHome</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header326" class="subsectionheader white">Identifiers</h4>
                                                <div id="content326" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;com.fasterxml.jackson.core:jackson-databind:2.4.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l154_76672afb562b9e903674ad3a544cdf2092f1faa3"></a>htrace-core-3.2.0-incubating.jar\META-INF/maven/commons-logging/commons-logging/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.htrace\htrace-core\3.2.0-incubating\8797cf3230f01e8724ef27a0ed565dabb6998c64\htrace-core-3.2.0-incubating.jar\META-INF/maven/commons-logging/commons-logging/pom.xml<br/>
                            <b>MD5:</b>&nbsp;976d812430b8246deeaf2ea54610f263<br/>
                            <b>SHA1:</b>&nbsp;76672afb562b9e903674ad3a544cdf2092f1faa3
                                                                                </p>
                                                <h4 id="header327" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content327" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>commons-logging</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Commons Logging is a thin adapter allowing configurable bridging to other, well known logging systems.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>commons-logging</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Commons Logging</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>commons-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.1.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://commons.apache.org/logging</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header328" class="subsectionheader white">Identifiers</h4>
                                                <div id="content328" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;commons-logging:commons-logging:1.1.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l155_6c9ba9c38bca8742d5745bb27bcd4b9c7542ea24"></a>httpclient-cache-4.4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
   Apache HttpComponents HttpClient - Cache
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.httpcomponents\httpclient-cache\4.4.1\6c9ba9c38bca8742d5745bb27bcd4b9c7542ea24\httpclient-cache-4.4.1.jar<br/>
                            <b>MD5:</b>&nbsp;5d79921ccafc2a735f6c4186a3366e9e<br/>
                            <b>SHA1:</b>&nbsp;6c9ba9c38bca8742d5745bb27bcd4b9c7542ea24
                                                                                </p>
                                                <h4 id="header329" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content329" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>httpclient-cache</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>httpclient-cache-4.4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/4.4.1-RC1/httpclient-cache@r1668921; 2015-03-24 16:41:37+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>HttpComponents Apache HttpClient Cache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>HttpComponents Apache HttpClient Cache</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://hc.apache.org/httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>httpclient-cache</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
   Apache HttpComponents HttpClient - Cache
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache HttpClient Cache</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://hc.apache.org/httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header330" class="subsectionheader white">Identifiers</h4>
                                                <div id="content330" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:httpclient:4.4.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('httpclient-cache-4.4.1.jar', '6c9ba9c38bca8742d5745bb27bcd4b9c7542ea24', 'cpe', 'cpe:/a:apache:httpclient:4.4.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%226c9ba9c38bca8742d5745bb27bcd4b9c7542ea24%22" target="_blank">org.apache.httpcomponents:httpclient-cache:4.4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l156_016d0bc512222f1253ee6b64d389c84e22f697f0"></a>httpclient-4.4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
   Apache HttpComponents Client
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.httpcomponents\httpclient\4.4.1\16d0bc512222f1253ee6b64d389c84e22f697f0\httpclient-4.4.1.jar<br/>
                            <b>MD5:</b>&nbsp;38f9399922142fc9538d690dbaae7e2e<br/>
                            <b>SHA1:</b>&nbsp;016d0bc512222f1253ee6b64d389c84e22f697f0
                                                                                </p>
                                                <h4 id="header331" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content331" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>httpclient</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>httpclient-4.4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/4.4.1-RC1/httpclient@r1668921; 2015-03-24 16:41:37+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>HttpComponents Apache HttpClient</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>HttpComponents Apache HttpClient</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://hc.apache.org/httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>httpclient</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
   Apache HttpComponents Client
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache HttpClient</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://hc.apache.org/httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header332" class="subsectionheader white">Identifiers</h4>
                                                <div id="content332" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:httpclient:4.4.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('httpclient-4.4.1.jar', '016d0bc512222f1253ee6b64d389c84e22f697f0', 'cpe', 'cpe:/a:apache:httpclient:4.4.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22016d0bc512222f1253ee6b64d389c84e22f697f0%22" target="_blank">org.apache.httpcomponents:httpclient:4.4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l157_f5aa318bda4c6c8d688c9d00b90681dcd82ce636"></a>httpcore-4.4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
   Apache HttpComponents Core (blocking I/O)
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.httpcomponents\httpcore\4.4.1\f5aa318bda4c6c8d688c9d00b90681dcd82ce636\httpcore-4.4.1.jar<br/>
                            <b>MD5:</b>&nbsp;27bf6d5323a86a6115b607ce82512d6c<br/>
                            <b>SHA1:</b>&nbsp;f5aa318bda4c6c8d688c9d00b90681dcd82ce636
                                                                                </p>
                                                <h4 id="header333" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content333" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>httpcore</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>httpcore-4.4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/4.4.1-RC1/httpcore@r1666708; 2015-03-14 17:26:58+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>HttpComponents Apache HttpCore</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>HttpComponents Apache HttpCore</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://hc.apache.org/httpcomponents-core-ga</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>httpcore</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
   Apache HttpComponents Core (blocking I/O)
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache HttpCore</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>httpcomponents-core</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://hc.apache.org/httpcomponents-core-ga</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header334" class="subsectionheader white">Identifiers</h4>
                                                <div id="content334" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22f5aa318bda4c6c8d688c9d00b90681dcd82ce636%22" target="_blank">org.apache.httpcomponents:httpcore:4.4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l158_2f8757f5ac5e38f46c794e5229d1f3c522e9b1df"></a>httpmime-4.4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
   Apache HttpComponents HttpClient - MIME coded entities
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.httpcomponents\httpmime\4.4.1\2f8757f5ac5e38f46c794e5229d1f3c522e9b1df\httpmime-4.4.1.jar<br/>
                            <b>MD5:</b>&nbsp;678b75d71032e823480a41123b6b3ce2<br/>
                            <b>SHA1:</b>&nbsp;2f8757f5ac5e38f46c794e5229d1f3c522e9b1df
                                                                                </p>
                                                <h4 id="header335" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content335" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>httpmime</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>httpmime-4.4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-build</td><td>tags/4.4.1-RC1/httpmime@r1668921; 2015-03-24 16:41:37+0100</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>HttpComponents Apache HttpClient Mime</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>HttpComponents Apache HttpClient Mime</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://hc.apache.org/httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>httpmime</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
   Apache HttpComponents HttpClient - MIME coded entities
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache HttpClient Mime</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.httpcomponents</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://hc.apache.org/httpcomponents-client</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header336" class="subsectionheader white">Identifiers</h4>
                                                <div id="content336" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:httpclient:4.4.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('httpmime-4.4.1.jar', '2f8757f5ac5e38f46c794e5229d1f3c522e9b1df', 'cpe', 'cpe:/a:apache:httpclient:4.4.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222f8757f5ac5e38f46c794e5229d1f3c522e9b1df%22" target="_blank">org.apache.httpcomponents:httpmime:4.4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l159_a81264fe0265ebe8fd1d8128aad06dc320de6eef"></a>apache-mime4j-core-0.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java stream based MIME message parser<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.james\apache-mime4j-core\0.7.2\a81264fe0265ebe8fd1d8128aad06dc320de6eef\apache-mime4j-core-0.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;88f799546eca803c53eee01a4ce5edcd<br/>
                            <b>SHA1:</b>&nbsp;a81264fe0265ebe8fd1d8128aad06dc320de6eef
                                                                                </p>
                                                <h4 id="header337" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content337" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>apache-mime4j-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.james</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>apache-mime4j-core-0.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.7.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java stream based MIME message parser</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache JAMES Mime4j (Core)</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.james.apache-mime4j-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.7.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Mime4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.7.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Mime4j</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://james.apache.org/mime4j/apache-mime4j-core</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache-mime4j-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.james</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache JAMES Mime4j (Core)</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache-mime4j-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.james</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header338" class="subsectionheader white">Identifiers</h4>
                                                <div id="content338" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:james:0.7.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('apache-mime4j-core-0.7.2.jar', 'a81264fe0265ebe8fd1d8128aad06dc320de6eef', 'cpe', 'cpe:/a:apache:james:0.7.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a81264fe0265ebe8fd1d8128aad06dc320de6eef%22" target="_blank">org.apache.james:apache-mime4j-core:0.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l160_1c289aa264548a0a1f1b43685a9cb2ab23f67287"></a>apache-mime4j-dom-0.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java MIME Document Object Model<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.james\apache-mime4j-dom\0.7.2\1c289aa264548a0a1f1b43685a9cb2ab23f67287\apache-mime4j-dom-0.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;dedc747b5c367fbd7f8a7235d1d7cbee<br/>
                            <b>SHA1:</b>&nbsp;1c289aa264548a0a1f1b43685a9cb2ab23f67287
                                                                                </p>
                                                <h4 id="header339" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content339" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>apache-mime4j-dom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.james</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>apache-mime4j-dom-0.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.7.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Java MIME Document Object Model</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache JAMES Mime4j (DOM)</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.james.apache-mime4j-dom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.7.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Mime4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.7.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Mime4j</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://james.apache.org/mime4j/apache-mime4j-dom</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache-mime4j-dom</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java MIME Document Object Model</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.james</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache JAMES Mime4j (DOM)</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache-mime4j-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.james</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header340" class="subsectionheader white">Identifiers</h4>
                                                <div id="content340" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:james:0.7.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('apache-mime4j-dom-0.7.2.jar', '1c289aa264548a0a1f1b43685a9cb2ab23f67287', 'cpe', 'cpe:/a:apache:james:0.7.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221c289aa264548a0a1f1b43685a9cb2ab23f67287%22" target="_blank">org.apache.james:apache-mime4j-dom:0.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l161_3b4c5a8b734b6a29b2f03380535a48da6284b210"></a>log4j-1.2-api-2.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Log4j 1.x Compatibility API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.logging.log4j\log4j-1.2-api\2.6.2\3b4c5a8b734b6a29b2f03380535a48da6284b210\log4j-1.2-api-2.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;234f246caa9232963667d5eaecdc4452<br/>
                            <b>SHA1:</b>&nbsp;3b4c5a8b734b6a29b2f03380535a48da6284b210
                                                                                </p>
                                                <h4 id="header341" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content341" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>log4j-1.2-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>log4j-1.2-api-2.6.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Log4j 1.x Compatibility API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j 1.x Compatibility API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.1.2-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j 1.x Compatibility API</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleaseversion</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Log4j 1.x Compatibility API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>log4j-1.2-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Log4j 1.x Compatibility API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Log4j 1.x Compatibility API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header342" class="subsectionheader white">Identifiers</h4>
                                                <div id="content342" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223b4c5a8b734b6a29b2f03380535a48da6284b210%22" target="_blank">org.apache.logging.log4j:log4j-1.2-api:2.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l162_bd1b74a5d170686362091c7cf596bbc3adf5c09b"></a>log4j-api-2.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Log4j API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.logging.log4j\log4j-api\2.6.2\bd1b74a5d170686362091c7cf596bbc3adf5c09b\log4j-api-2.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;cfe83fed6d54c335c1ec68518e62c485<br/>
                            <b>SHA1:</b>&nbsp;bd1b74a5d170686362091c7cf596bbc3adf5c09b
                                                                                </p>
                                                <h4 id="header343" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content343" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>log4j-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>log4j-api-2.6.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Log4j API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j API</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleaseversion</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Log4j API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>log4j-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Log4j API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Log4j API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header344" class="subsectionheader white">Identifiers</h4>
                                                <div id="content344" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22bd1b74a5d170686362091c7cf596bbc3adf5c09b%22" target="_blank">org.apache.logging.log4j:log4j-api:2.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l163_00a91369f655eb1639c6aece5c5eb5108db18306"></a>log4j-core-2.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Log4j Implementation<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.logging.log4j\log4j-core\2.6.2\a91369f655eb1639c6aece5c5eb5108db18306\log4j-core-2.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;472c8e1fbaa0e61520e025c255b5d168<br/>
                            <b>SHA1:</b>&nbsp;00a91369f655eb1639c6aece5c5eb5108db18306
                                                                                </p>
                                                <h4 id="header345" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content345" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>log4j-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>log4j-core-2.6.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Log4j Implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleaseversion</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Log4j Core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>log4j-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Log4j Implementation</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Log4j Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header346" class="subsectionheader white">Identifiers</h4>
                                                <div id="content346" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jcore:jcore:2.6.2
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('log4j-core-2.6.2.jar', '00a91369f655eb1639c6aece5c5eb5108db18306', 'cpe', 'cpe:/a:jcore:jcore:2.6.2')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2200a91369f655eb1639c6aece5c5eb5108db18306%22" target="_blank">org.apache.logging.log4j:log4j-core:2.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l164_afb8205d03d7f30405b385a2b0fdf1086bc9bc2a"></a>log4j-jul-2.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Log4j implementation of java.util.logging<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.logging.log4j\log4j-jul\2.6.2\afb8205d03d7f30405b385a2b0fdf1086bc9bc2a\log4j-jul-2.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;e8c9a4863947070c32c85307e305898e<br/>
                            <b>SHA1:</b>&nbsp;afb8205d03d7f30405b385a2b0fdf1086bc9bc2a
                                                                                </p>
                                                <h4 id="header347" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content347" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>log4j-jul</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>log4j-jul-2.6.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Log4j implementation of java.util.logging</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j JUL Adapter</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.jul</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j JUL Adapter</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleaseversion</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Log4j JUL Adapter</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>log4j-jul</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Log4j implementation of java.util.logging</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Log4j JUL Adapter</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header348" class="subsectionheader white">Identifiers</h4>
                                                <div id="content348" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22afb8205d03d7f30405b385a2b0fdf1086bc9bc2a%22" target="_blank">org.apache.logging.log4j:log4j-jul:2.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l165_71d6c56133e0548e07434add048d7a7a2db53512"></a>log4j-slf4j-impl-2.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Log4j SLF4J API binding to Log4j 2 Core<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.logging.log4j\log4j-slf4j-impl\2.6.2\71d6c56133e0548e07434add048d7a7a2db53512\log4j-slf4j-impl-2.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;14c2fe3d01fc4a2ab0ed00bb3b3929dc<br/>
                            <b>SHA1:</b>&nbsp;71d6c56133e0548e07434add048d7a7a2db53512
                                                                                </p>
                                                <h4 id="header349" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content349" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>log4j-slf4j-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>log4j-slf4j-impl-2.6.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.2</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Log4j SLF4J API binding to Log4j 2 Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j SLF4J Binding</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.slf4j-impl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j SLF4J Binding</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td></tr>
                                                                    <tr><td>Manifest</td><td>log4jreleaseversion</td><td>2.6.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Log4j SLF4J Binding</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>log4j-slf4j-impl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Apache Log4j SLF4J API binding to Log4j 2 Core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Log4j SLF4J Binding</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>log4j</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header350" class="subsectionheader white">Identifiers</h4>
                                                <div id="content350" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2271d6c56133e0548e07434add048d7a7a2db53512%22" target="_blank">org.apache.logging.log4j:log4j-slf4j-impl:2.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l166_8e08c604b610cdb91b898c841e8a8254b0f020dc"></a>lucene-analyzers-common-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Additional Analyzers<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-analyzers-common\6.2.1\8e08c604b610cdb91b898c841e8a8254b0f020dc\lucene-analyzers-common-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;ecdced06c9c0a084b793f7db5c649577<br/>
                            <b>SHA1:</b>&nbsp;8e08c604b610cdb91b898c841e8a8254b0f020dc
                                                                                </p>
                                                <h4 id="header351" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content351" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-analyzers-common</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-analyzers-common-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>analysis</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:15:51</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: analyzers-common</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-analyzers-common</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Additional Analyzers</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Common Analyzers</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header352" class="subsectionheader white">Identifiers</h4>
                                                <div id="content352" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-analyzers-common/6.2.1/lucene-analyzers-common-6.2.1.jar" target="_blank">org.apache.lucene:lucene-analyzers-common:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l167_776bbdb9527f0a261d860b8e9c682329686c23a8"></a>lucene-analyzers-kuromoji-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
  	 Lucene Kuromoji Japanese Morphological Analyzer
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-analyzers-kuromoji\6.2.1\776bbdb9527f0a261d860b8e9c682329686c23a8\lucene-analyzers-kuromoji-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;0a56c3758e63bb9085e6c71cc6b14904<br/>
                            <b>SHA1:</b>&nbsp;776bbdb9527f0a261d860b8e9c682329686c23a8
                                                                                </p>
                                                <h4 id="header353" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content353" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-analyzers-kuromoji</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-analyzers-kuromoji-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>analysis</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ja</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:15:53</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: analyzers-kuromoji</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-analyzers-kuromoji</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
  	 Lucene Kuromoji Japanese Morphological Analyzer
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Kuromoji Japanese Morphological Analyzer</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header354" class="subsectionheader white">Identifiers</h4>
                                                <div id="content354" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-analyzers-kuromoji/6.2.1/lucene-analyzers-kuromoji-6.2.1.jar" target="_blank">org.apache.lucene:lucene-analyzers-kuromoji:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l168_00bdbd633a9e54bd9e5874ac021dee34fcf7dd2b"></a>lucene-analyzers-phonetic-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
  	Provides phonetic encoding via Commons Codec.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-analyzers-phonetic\6.2.1\bdbd633a9e54bd9e5874ac021dee34fcf7dd2b\lucene-analyzers-phonetic-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;b010e07d94bcac8a05ff376c1b0624a1<br/>
                            <b>SHA1:</b>&nbsp;00bdbd633a9e54bd9e5874ac021dee34fcf7dd2b
                                                                                </p>
                                                <h4 id="header355" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content355" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-analyzers-phonetic</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-analyzers-phonetic-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>analysis</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>phonetic</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:15:54</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: analyzers-phonetic</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-analyzers-phonetic</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
  	Provides phonetic encoding via Commons Codec.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Phonetic Filters</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header356" class="subsectionheader white">Identifiers</h4>
                                                <div id="content356" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-analyzers-phonetic/6.2.1/lucene-analyzers-phonetic-6.2.1.jar" target="_blank">org.apache.lucene:lucene-analyzers-phonetic:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l169_44a7dc95efbf08c1bcbacef618b1b2837ca8fe01"></a>lucene-backward-codecs-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Codecs for older versions of Lucene.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-backward-codecs\6.2.1\44a7dc95efbf08c1bcbacef618b1b2837ca8fe01\lucene-backward-codecs-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;670db0ebdc30b604bf71456d0de2926c<br/>
                            <b>SHA1:</b>&nbsp;44a7dc95efbf08c1bcbacef618b1b2837ca8fe01
                                                                                </p>
                                                <h4 id="header357" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content357" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-backward-codecs</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-backward-codecs-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>codecs</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene50</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:15:58</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: backward-codecs</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-backward-codecs</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    Codecs for older versions of Lucene.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Memory</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header358" class="subsectionheader white">Identifiers</h4>
                                                <div id="content358" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-backward-codecs/6.2.1/lucene-backward-codecs-6.2.1.jar" target="_blank">org.apache.lucene:lucene-backward-codecs:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l170_4098f194326046ad11445fe721e2c214ef0d4c8a"></a>lucene-classification-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene Classification<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-classification\6.2.1\4098f194326046ad11445fe721e2c214ef0d4c8a\lucene-classification-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;acd35298054e26169f3d61047948c96b<br/>
                            <b>SHA1:</b>&nbsp;4098f194326046ad11445fe721e2c214ef0d4c8a
                                                                                </p>
                                                <h4 id="header359" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content359" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-classification</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-classification-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>classification</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:15:59</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: classification</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-classification</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene Classification</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Classification</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header360" class="subsectionheader white">Identifiers</h4>
                                                <div id="content360" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-classification/6.2.1/lucene-classification-6.2.1.jar" target="_blank">org.apache.lucene:lucene-classification:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l171_38f65ac4b2dd86ee99ead892693b80b2adec7aa9"></a>lucene-codecs-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Codecs and postings formats for Apache Lucene.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-codecs\6.2.1\38f65ac4b2dd86ee99ead892693b80b2adec7aa9\lucene-codecs-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;e20960ed90458689830be96f6f493201<br/>
                            <b>SHA1:</b>&nbsp;38f65ac4b2dd86ee99ead892693b80b2adec7aa9
                                                                                </p>
                                                <h4 id="header361" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content361" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-codecs</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-codecs-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>codecs</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:00</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: codecs</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-codecs</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    Codecs and postings formats for Apache Lucene.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene codecs</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header362" class="subsectionheader white">Identifiers</h4>
                                                <div id="content362" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-codecs/6.2.1/lucene-codecs-6.2.1.jar" target="_blank">org.apache.lucene:lucene-codecs:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l172_a1d9ed9e06072fefa13b070628269ccc0a90d7cc"></a>lucene-core-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Lucene Java Core<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-core\6.2.1\a1d9ed9e06072fefa13b070628269ccc0a90d7cc\lucene-core-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;1a67d55dc5881af5602ce869c6329511<br/>
                            <b>SHA1:</b>&nbsp;a1d9ed9e06072fefa13b070628269ccc0a90d7cc
                                                                                </p>
                                                <h4 id="header363" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content363" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-core-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:15:20</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Lucene Java Core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header364" class="subsectionheader white">Identifiers</h4>
                                                <div id="content364" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-core/6.2.1/lucene-core-6.2.1.jar" target="_blank">org.apache.lucene:lucene-core:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l173_41a8af299cc316414d1a0202dd8adcfd7cb24378"></a>lucene-expressions-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
     Dynamically computed values to sort/facet/search on based on a pluggable grammar.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-expressions\6.2.1\41a8af299cc316414d1a0202dd8adcfd7cb24378\lucene-expressions-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;01d0987d959342962e9784f0f0c8fb62<br/>
                            <b>SHA1:</b>&nbsp;41a8af299cc316414d1a0202dd8adcfd7cb24378
                                                                                </p>
                                                <h4 id="header365" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content365" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-expressions</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-expressions-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>expressions</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>js</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:01</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: expressions</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-expressions</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
     Dynamically computed values to sort/facet/search on based on a pluggable grammar.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Expressions</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header366" class="subsectionheader white">Identifiers</h4>
                                                <div id="content366" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-expressions/6.2.1/lucene-expressions-6.2.1.jar" target="_blank">org.apache.lucene:lucene-expressions:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l174_42565071d9389e574241e8c6b427ee6be74710de"></a>lucene-grouping-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene Grouping Module<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-grouping\6.2.1\42565071d9389e574241e8c6b427ee6be74710de\lucene-grouping-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;deb988b29a7b54fd20494f0e3ffec2c8<br/>
                            <b>SHA1:</b>&nbsp;42565071d9389e574241e8c6b427ee6be74710de
                                                                                </p>
                                                <h4 id="header367" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content367" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-grouping</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-grouping-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>grouping</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>search</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:03</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: grouping</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-grouping</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene Grouping Module</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Grouping</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header368" class="subsectionheader white">Identifiers</h4>
                                                <div id="content368" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-grouping/6.2.1/lucene-grouping-6.2.1.jar" target="_blank">org.apache.lucene:lucene-grouping:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l175_e383f4f7e7cb125f5fc9a53673ad010b75b08881"></a>lucene-highlighter-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    This is the highlighter for apache lucene java
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-highlighter\6.2.1\e383f4f7e7cb125f5fc9a53673ad010b75b08881\lucene-highlighter-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;15a5cb6f377209672f9b818cf98a9b86<br/>
                            <b>SHA1:</b>&nbsp;e383f4f7e7cb125f5fc9a53673ad010b75b08881
                                                                                </p>
                                                <h4 id="header369" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content369" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-highlighter</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-highlighter-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>search</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:03</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: highlighter</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-highlighter</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    This is the highlighter for apache lucene java
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Highlighter</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header370" class="subsectionheader white">Identifiers</h4>
                                                <div id="content370" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-highlighter/6.2.1/lucene-highlighter-6.2.1.jar" target="_blank">org.apache.lucene:lucene-highlighter:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l176_1cf28b0e73e8ee49adc5665d3f4ff8ba637c82a4"></a>lucene-join-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene Join Module<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-join\6.2.1\1cf28b0e73e8ee49adc5665d3f4ff8ba637c82a4\lucene-join-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;8a967fdde248737697f41f02115d5ff7<br/>
                            <b>SHA1:</b>&nbsp;1cf28b0e73e8ee49adc5665d3f4ff8ba637c82a4
                                                                                </p>
                                                <h4 id="header371" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content371" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-join</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-join-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>join</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>search</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:04</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: join</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-join</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene Join Module</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Join</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header372" class="subsectionheader white">Identifiers</h4>
                                                <div id="content372" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-join/6.2.1/lucene-join-6.2.1.jar" target="_blank">org.apache.lucene:lucene-join:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l177_8fc0530a1743a9e8b9e0524fcd970dc4e9f61768"></a>lucene-memory-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    High-performance single-document index to compare against Query
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-memory\6.2.1\8fc0530a1743a9e8b9e0524fcd970dc4e9f61768\lucene-memory-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;b1d9f2679a01d9954137d891e3c5020a<br/>
                            <b>SHA1:</b>&nbsp;8fc0530a1743a9e8b9e0524fcd970dc4e9f61768
                                                                                </p>
                                                <h4 id="header373" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content373" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-memory</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-memory-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>index</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>memory</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:04</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: memory</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-memory</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    High-performance single-document index to compare against Query
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Memory</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header374" class="subsectionheader white">Identifiers</h4>
                                                <div id="content374" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-memory/6.2.1/lucene-memory-6.2.1.jar" target="_blank">org.apache.lucene:lucene-memory:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l178_2c42a3de2108815591b334de27dc845304c62982"></a>lucene-misc-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Miscellaneous Lucene extensions<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-misc\6.2.1\2c42a3de2108815591b334de27dc845304c62982\lucene-misc-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;98d467d8847a01bb44f926fb344883b8<br/>
                            <b>SHA1:</b>&nbsp;2c42a3de2108815591b334de27dc845304c62982
                                                                                </p>
                                                <h4 id="header375" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content375" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-misc</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-misc-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>uninverting</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:05</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: misc</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-misc</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Miscellaneous Lucene extensions</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Miscellaneous</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header376" class="subsectionheader white">Identifiers</h4>
                                                <div id="content376" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-misc/6.2.1/lucene-misc-6.2.1.jar" target="_blank">org.apache.lucene:lucene-misc:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l179_d4c6985642bee49c09c158a3af6dbf790e8e6c21"></a>lucene-queries-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene Queries Module<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-queries\6.2.1\d4c6985642bee49c09c158a3af6dbf790e8e6c21\lucene-queries-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;d13517b0ed84183289773f04f6f924f8<br/>
                            <b>SHA1:</b>&nbsp;d4c6985642bee49c09c158a3af6dbf790e8e6c21
                                                                                </p>
                                                <h4 id="header377" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content377" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-queries</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-queries-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>function</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>queries</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:06</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: queries</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-queries</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene Queries Module</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Queries</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header378" class="subsectionheader white">Identifiers</h4>
                                                <div id="content378" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-queries/6.2.1/lucene-queries-6.2.1.jar" target="_blank">org.apache.lucene:lucene-queries:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l180_2eeedc63e931b2ed4bb5432c93cf37306730e3d2"></a>lucene-queryparser-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene QueryParsers module<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-queryparser\6.2.1\2eeedc63e931b2ed4bb5432c93cf37306730e3d2\lucene-queryparser-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;06f11def1070223c933ff5cf07fa08fd<br/>
                            <b>SHA1:</b>&nbsp;2eeedc63e931b2ed4bb5432c93cf37306730e3d2
                                                                                </p>
                                                <h4 id="header379" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content379" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-queryparser</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-queryparser-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>flexible</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>queryparser</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:06</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: queryparser</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-queryparser</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene QueryParsers module</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene QueryParsers</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header380" class="subsectionheader white">Identifiers</h4>
                                                <div id="content380" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-queryparser/6.2.1/lucene-queryparser-6.2.1.jar" target="_blank">org.apache.lucene:lucene-queryparser:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l181_d06329b1b540b56d0cdde76dc370daa38a29ff7a"></a>lucene-sandbox-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene Sandbox<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-sandbox\6.2.1\d06329b1b540b56d0cdde76dc370daa38a29ff7a\lucene-sandbox-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;3f8507b0f6210e753c0511bc55c03e4e<br/>
                            <b>SHA1:</b>&nbsp;d06329b1b540b56d0cdde76dc370daa38a29ff7a
                                                                                </p>
                                                <h4 id="header381" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content381" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-sandbox</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-sandbox-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>document</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:07</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: sandbox</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-sandbox</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene Sandbox</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Sandbox</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header382" class="subsectionheader white">Identifiers</h4>
                                                <div id="content382" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-sandbox/6.2.1/lucene-sandbox-6.2.1.jar" target="_blank">org.apache.lucene:lucene-sandbox:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l182_6ef1d5bd2e1effeb4dda6e668b9ffa2dc4410e86"></a>lucene-spatial-extras-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Advanced Spatial Shape Strategies for Apache Lucene
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-spatial-extras\6.2.1\6ef1d5bd2e1effeb4dda6e668b9ffa2dc4410e86\lucene-spatial-extras-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;e5e4a1429e1ad57c902250efc3c33f66<br/>
                            <b>SHA1:</b>&nbsp;6ef1d5bd2e1effeb4dda6e668b9ffa2dc4410e86
                                                                                </p>
                                                <h4 id="header383" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content383" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-spatial-extras</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-spatial-extras-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>prefix</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>spatial</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:08</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: spatial-extras</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-spatial-extras</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
    Advanced Spatial Shape Strategies for Apache Lucene
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Spatial Extras</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header384" class="subsectionheader white">Identifiers</h4>
                                                <div id="content384" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-spatial-extras/6.2.1/lucene-spatial-extras-6.2.1.jar" target="_blank">org.apache.lucene:lucene-spatial-extras:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l183_dbeb47e91e175ba4781fc629574977f493d3c1b2"></a>lucene-suggest-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Lucene Suggest Module<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.lucene\lucene-suggest\6.2.1\dbeb47e91e175ba4781fc629574977f493d3c1b2\lucene-suggest-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;2c1c3362e9319eefe90474200ef80fd8<br/>
                            <b>SHA1:</b>&nbsp;dbeb47e91e175ba4781fc629574977f493d3c1b2
                                                                                </p>
                                                <h4 id="header385" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content385" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>lucene-suggest</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>lucene-suggest-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lucene</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>search</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>suggest</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:16:10</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Lucene Search Engine: suggest</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lucene-suggest</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Lucene Suggest Module</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Lucene Suggest</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>lucene-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.lucene</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header386" class="subsectionheader white">Identifiers</h4>
                                                <div id="content386" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/lucene/lucene-suggest/6.2.1/lucene-suggest-6.2.1.jar" target="_blank">org.apache.lucene:lucene-suggest:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l184_e294693ce217bd6f470b728127854e6ca787fd29"></a>maven-scm-api-1.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The SCM API provides mechanisms to manage all SCM tools.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.maven.scm\maven-scm-api\1.4\e294693ce217bd6f470b728127854e6ca787fd29\maven-scm-api-1.4.jar<br/>
                            <b>MD5:</b>&nbsp;bc840a6620ec3d3c56ce58b10076cef4<br/>
                            <b>SHA1:</b>&nbsp;e294693ce217bd6f470b728127854e6ca787fd29
                                                                                </p>
                                                <h4 id="header387" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content387" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>maven-scm-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>maven-scm-api-1.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Maven SCM API</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Maven SCM API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>maven-scm-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The SCM API provides mechanisms to manage all SCM tools.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.maven.scm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Maven SCM API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>maven-scm</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header388" class="subsectionheader white">Identifiers</h4>
                                                <div id="content388" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22e294693ce217bd6f470b728127854e6ca787fd29%22" target="_blank">org.apache.maven.scm:maven-scm-api:1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l185_54bc1dc24c5d205b4d251a83f4ea63808c21a628"></a>maven-scm-provider-svn-commons-1.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Common library for SCM SVN Provider.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.maven.scm\maven-scm-provider-svn-commons\1.4\54bc1dc24c5d205b4d251a83f4ea63808c21a628\maven-scm-provider-svn-commons-1.4.jar<br/>
                            <b>MD5:</b>&nbsp;09e3cb24fa48c3d6427e1d2b79b42d26<br/>
                            <b>SHA1:</b>&nbsp;54bc1dc24c5d205b4d251a83f4ea63808c21a628
                                                                                </p>
                                                <h4 id="header389" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content389" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>maven-scm-provider-svn-commons</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>maven-scm-provider-svn-commons-1.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Maven SCM Subversion Provider - Common library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Maven SCM Subversion Provider - Common library</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>maven-scm-provider-svn-commons</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Common library for SCM SVN Provider.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.maven.scm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Maven SCM Subversion Provider - Common library</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>maven-scm-providers-svn</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header390" class="subsectionheader white">Identifiers</h4>
                                                <div id="content390" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2254bc1dc24c5d205b4d251a83f4ea63808c21a628%22" target="_blank">org.apache.maven.scm:maven-scm-provider-svn-commons:1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l186_b3213b40157b701ba079b738baac391e41418c18"></a>maven-scm-provider-svnexe-1.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Executable library for SCM SVN Provider.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.maven.scm\maven-scm-provider-svnexe\1.4\b3213b40157b701ba079b738baac391e41418c18\maven-scm-provider-svnexe-1.4.jar<br/>
                            <b>MD5:</b>&nbsp;6624c9c3324f88619205c2b8c60e583b<br/>
                            <b>SHA1:</b>&nbsp;b3213b40157b701ba079b738baac391e41418c18
                                                                                </p>
                                                <h4 id="header391" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content391" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>maven-scm-provider-svnexe</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>maven-scm-provider-svnexe-1.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Maven SCM Subversion Provider - SVN Executable Impl.</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Maven SCM Subversion Provider - SVN Executable Impl.</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>maven-scm-provider-svnexe</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Executable library for SCM SVN Provider.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.maven.scm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Maven SCM Subversion Provider - SVN Executable Impl.</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>maven-scm-providers-svn</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.maven.scm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header392" class="subsectionheader white">Identifiers</h4>
                                                <div id="content392" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b3213b40157b701ba079b738baac391e41418c18%22" target="_blank">org.apache.maven.scm:maven-scm-provider-svnexe:1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l187_ee37a38bbf9f355ee88ba554a85c9220b75ba500"></a>neethi-3.0.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.neethi\neethi\3.0.3\ee37a38bbf9f355ee88ba554a85c9220b75ba500\neethi-3.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;8a81813a03e2899ccd31f0e92f6cc691<br/>
                            <b>SHA1:</b>&nbsp;ee37a38bbf9f355ee88ba554a85c9220b75ba500
                                                                                </p>
                                                <h4 id="header393" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content393" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>neethi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.neethi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>neethi-3.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Neethi</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.neethi</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Neethi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Neethi</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>neethi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.neethi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Neethi</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
    </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>3.0.3</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/neethi/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header394" class="subsectionheader white">Identifiers</h4>
                                                <div id="content394" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:apache_test:3.0.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('neethi-3.0.3.jar', 'ee37a38bbf9f355ee88ba554a85c9220b75ba500', 'cpe', 'cpe:/a:apache:apache_test:3.0.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ee37a38bbf9f355ee88ba554a85c9220b75ba500%22" target="_blank">org.apache.neethi:neethi:3.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l188_55e39e6b46e71f35229cdd6950e72d8cce3b5fd4"></a>opennlp-maxent-3.0.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.opennlp\opennlp-maxent\3.0.3\55e39e6b46e71f35229cdd6950e72d8cce3b5fd4\opennlp-maxent-3.0.3.jar<br/>
                            <b>MD5:</b>&nbsp;4fb8e129416ef5ef838d4aa77050d1bd<br/>
                            <b>SHA1:</b>&nbsp;55e39e6b46e71f35229cdd6950e72d8cce3b5fd4
                                                                                </p>
                                                <h4 id="header395" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content395" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>opennlp-maxent</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.opennlp</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>opennlp-maxent-3.0.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache OpenNLP Maxent</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.opennlp.maxent</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>opennlp-maxent</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.opennlp</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache OpenNLP Maxent</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>opennlp</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.opennlp</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>3.0.3</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header396" class="subsectionheader white">Identifiers</h4>
                                                <div id="content396" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2255e39e6b46e71f35229cdd6950e72d8cce3b5fd4%22" target="_blank">org.apache.opennlp:opennlp-maxent:3.0.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l189_826d34168b0e4870c9f599ed7f2b8fee4194ba3b"></a>opennlp-tools-1.5.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.opennlp\opennlp-tools\1.5.3\826d34168b0e4870c9f599ed7f2b8fee4194ba3b\opennlp-tools-1.5.3.jar<br/>
                            <b>MD5:</b>&nbsp;2cd1835ad00c26fc978b691b52563afd<br/>
                            <b>SHA1:</b>&nbsp;826d34168b0e4870c9f599ed7f2b8fee4194ba3b
                                                                                </p>
                                                <h4 id="header397" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content397" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>opennlp-tools</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.opennlp</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>opennlp-tools-1.5.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache OpenNLP Tools</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.opennlp.tools</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.5.3</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache OpenNLP Tools</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.opennlp</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.3</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache OpenNLP Tools</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>opennlp-tools</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.opennlp</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache OpenNLP Tools</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>opennlp</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.opennlp</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header398" class="subsectionheader white">Identifiers</h4>
                                                <div id="content398" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22826d34168b0e4870c9f599ed7f2b8fee4194ba3b%22" target="_blank">org.apache.opennlp:opennlp-tools:1.5.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l190_41776c7713e3f3a1ce688bd96459fc597298c340"></a>fontbox-1.8.10.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;
    The Apache FontBox library is an open source Java tool to obtain low level information
    from font files. FontBox is a subproject of Apache PDFBox.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.pdfbox\fontbox\1.8.10\41776c7713e3f3a1ce688bd96459fc597298c340\fontbox-1.8.10.jar<br/>
                            <b>MD5:</b>&nbsp;010dcae8a1d4d9b1623d6c37ee228f6e<br/>
                            <b>SHA1:</b>&nbsp;41776c7713e3f3a1ce688bd96459fc597298c340
                                                                                </p>
                                                <h4 id="header399" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content399" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>fontbox</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>fontbox-1.8.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache FontBox library is an open source Java tool to obtain low level information from font files. FontBox is a subproject of Apache PDFBox.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://pdfbox.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache FontBox</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.pdfbox.fontbox</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.8.10</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache FontBox</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8.10</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache FontBox</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>fontbox</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The Apache FontBox library is an open source Java tool to obtain low level information from font files. FontBox is a subproject of Apache PDFBox. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache FontBox</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>pdfbox-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://pdfbox.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header400" class="subsectionheader white">Identifiers</h4>
                                                <div id="content400" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:font_project:font:1.8.10
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('fontbox-1.8.10.jar', '41776c7713e3f3a1ce688bd96459fc597298c340', 'cpe', 'cpe:/a:font_project:font:1.8.10')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2241776c7713e3f3a1ce688bd96459fc597298c340%22" target="_blank">org.apache.pdfbox:fontbox:1.8.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header401" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content401" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7683">CVE-2015-7683</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('fontbox-1.8.10.jar', '41776c7713e3f3a1ce688bd96459fc597298c340', 'cve', 'CVE-2015-7683')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
                            </p>
                            <p>Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxProxy.php.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/536670/100/0/threaded">20151012 CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://wordpress.org/plugins/font/changelog/">https://wordpress.org/plugins/font/changelog/</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html">http://packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://wpvulndb.com/vulnerabilities/8214">https://wpvulndb.com/vulnerabilities/8214</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs30"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Afont_project%3Afont%3A7.5%3A%3A%7E%7E%7Ewordpress%7E%7E">cpe:/a:font_project:font:7.5::~~~wordpress~~</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l191_40df4e4ca884aadc20b82d5abd0a3679774c55a6"></a>jempbox-1.8.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM)
    specification. JempBox is a subproject of Apache PDFBox.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.pdfbox\jempbox\1.8.10\40df4e4ca884aadc20b82d5abd0a3679774c55a6\jempbox-1.8.10.jar<br/>
                            <b>MD5:</b>&nbsp;903a0f2729626ce8fa0d74566732a738<br/>
                            <b>SHA1:</b>&nbsp;40df4e4ca884aadc20b82d5abd0a3679774c55a6
                                                                                </p>
                                                <h4 id="header402" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content402" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jempbox</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jempbox-1.8.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM) specification. JempBox is a subproject of Apache PDFBox.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://pdfbox.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache JempBox</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.pdfbox.jempbox</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.8.10</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache JempBox</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8.10</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache JempBox</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jempbox</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM) specification. JempBox is a subproject of Apache PDFBox. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache JempBox</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>pdfbox-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header403" class="subsectionheader white">Identifiers</h4>
                                                <div id="content403" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2240df4e4ca884aadc20b82d5abd0a3679774c55a6%22" target="_blank">org.apache.pdfbox:jempbox:1.8.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l192_bc5d1254495be36d0a3b3d6c35f88d05200b9311"></a>pdfbox-1.8.10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        The Apache PDFBox library is an open source Java tool for working with PDF documents.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.pdfbox\pdfbox\1.8.10\bc5d1254495be36d0a3b3d6c35f88d05200b9311\pdfbox-1.8.10.jar<br/>
                            <b>MD5:</b>&nbsp;e597e15826739a22b262924f0f091a84<br/>
                            <b>SHA1:</b>&nbsp;bc5d1254495be36d0a3b3d6c35f88d05200b9311
                                                                                </p>
                                                <h4 id="header404" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content404" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>pdfbox</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>pdfbox-1.8.10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Apache PDFBox library is an open source Java tool for working with PDF documents.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://pdfbox.apache.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache PDFBox</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.8.10</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache PDFBox</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8.10</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache PDFBox</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
        The Apache PDFBox library is an open source Java tool for working with PDF documents.
    </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache PDFBox</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>pdfbox-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.pdfbox</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header405" class="subsectionheader white">Identifiers</h4>
                                                <div id="content405" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22bc5d1254495be36d0a3b3d6c35f88d05200b9311%22" target="_blank">org.apache.pdfbox:pdfbox:1.8.10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l193_49ded0a5f84a755ca7bce99ffe11fe6a972cb077"></a>poi-excelant-3.14.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache POI Excel Ant Tasks<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.poi\poi-excelant\3.14\49ded0a5f84a755ca7bce99ffe11fe6a972cb077\poi-excelant-3.14.jar<br/>
                            <b>MD5:</b>&nbsp;5bad3dfa695bd5bc24560c9abc54e74e<br/>
                            <b>SHA1:</b>&nbsp;49ded0a5f84a755ca7bce99ffe11fe6a972cb077
                                                                                </p>
                                                <h4 id="header406" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content406" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>poi-excelant</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>poi-excelant-3.14</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>excelant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>poi</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ss</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.14</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>poi-excelant</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache POI Excel Ant Tasks</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.poi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache POI</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://poi.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.14</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header407" class="subsectionheader white">Identifiers</h4>
                                                <div id="content407" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:poi:3.14
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('poi-excelant-3.14.jar', '49ded0a5f84a755ca7bce99ffe11fe6a972cb077', 'cpe', 'cpe:/a:apache:poi:3.14')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-excelant/3.14/poi-excelant-3.14.jar" target="_blank">org.apache.poi:poi-excelant:3.14</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l194_97fe4bfdef7f103bfd9ec63c98ea90469afeec7b"></a>poi-ooxml-schemas-3.14.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache POI - Java API To Access Microsoft Format Files<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.poi\poi-ooxml-schemas\3.14\97fe4bfdef7f103bfd9ec63c98ea90469afeec7b\poi-ooxml-schemas-3.14.jar<br/>
                            <b>MD5:</b>&nbsp;e753093791ff46cec17447415b2841aa<br/>
                            <b>SHA1:</b>&nbsp;97fe4bfdef7f103bfd9ec63c98ea90469afeec7b
                                                                                </p>
                                                <h4 id="header408" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content408" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>poi-ooxml-schemas</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>poi-ooxml-schemas-3.14</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>openxmlformats</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>schemas</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>x2006</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.14</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>poi-ooxml-schemas</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache POI - Java API To Access Microsoft Format Files</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.poi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache POI</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://poi.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.14</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header409" class="subsectionheader white">Identifiers</h4>
                                                <div id="content409" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:poi:3.14
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('poi-ooxml-schemas-3.14.jar', '97fe4bfdef7f103bfd9ec63c98ea90469afeec7b', 'cpe', 'cpe:/a:apache:poi:3.14')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-ooxml-schemas/3.14/poi-ooxml-schemas-3.14.jar" target="_blank">org.apache.poi:poi-ooxml-schemas:3.14</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l195_911b3a5562b5dc4c5156d2d5f0f68a83346100d0"></a>poi-ooxml-3.14.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache POI - Java API To Access Microsoft Format Files<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.poi\poi-ooxml\3.14\911b3a5562b5dc4c5156d2d5f0f68a83346100d0\poi-ooxml-3.14.jar<br/>
                            <b>MD5:</b>&nbsp;e8ddefde540bce269c3bffc8835263c2<br/>
                            <b>SHA1:</b>&nbsp;911b3a5562b5dc4c5156d2d5f0f68a83346100d0
                                                                                </p>
                                                <h4 id="header410" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content410" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>poi-ooxml</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>poi-ooxml-3.14</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>poi</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>usermodel</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.14</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>poi-ooxml</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache POI - Java API To Access Microsoft Format Files</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.poi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache POI</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://poi.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.14</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header411" class="subsectionheader white">Identifiers</h4>
                                                <div id="content411" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:poi:3.14
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('poi-ooxml-3.14.jar', '911b3a5562b5dc4c5156d2d5f0f68a83346100d0', 'cpe', 'cpe:/a:apache:poi:3.14')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-ooxml/3.14/poi-ooxml-3.14.jar" target="_blank">org.apache.poi:poi-ooxml:3.14</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l196_3c775b327fd4d451b6fa8d6111197a2d33d1dc00"></a>poi-scratchpad-3.14.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache POI - Java API To Access Microsoft Format Files<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.poi\poi-scratchpad\3.14\3c775b327fd4d451b6fa8d6111197a2d33d1dc00\poi-scratchpad-3.14.jar<br/>
                            <b>MD5:</b>&nbsp;8934d390ba638a41823eb1d651a0e6cd<br/>
                            <b>SHA1:</b>&nbsp;3c775b327fd4d451b6fa8d6111197a2d33d1dc00
                                                                                </p>
                                                <h4 id="header412" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content412" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>poi-scratchpad</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>poi-scratchpad-3.14</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.14</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>poi-scratchpad</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache POI - Java API To Access Microsoft Format Files</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.poi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache POI</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://poi.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.14</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header413" class="subsectionheader white">Identifiers</h4>
                                                <div id="content413" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:poi:3.14
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('poi-scratchpad-3.14.jar', '3c775b327fd4d451b6fa8d6111197a2d33d1dc00', 'cpe', 'cpe:/a:apache:poi:3.14')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi-scratchpad/3.14/poi-scratchpad-3.14.jar" target="_blank">org.apache.poi:poi-scratchpad:3.14</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l197_fad7ae6d2e59c59ffdb45f1981500babfa765180"></a>poi-3.14.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache POI - Java API To Access Microsoft Format Files<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.poi\poi\3.14\fad7ae6d2e59c59ffdb45f1981500babfa765180\poi-3.14.jar<br/>
                            <b>MD5:</b>&nbsp;204b46d1644dcd7e1118e9443a19e0e8<br/>
                            <b>SHA1:</b>&nbsp;fad7ae6d2e59c59ffdb45f1981500babfa765180
                                                                                </p>
                                                <h4 id="header414" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content414" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>poi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>poi-3.14</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.14</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.poi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.14</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache POI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>poi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache POI - Java API To Access Microsoft Format Files</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.poi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache POI</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://poi.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.14</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header415" class="subsectionheader white">Identifiers</h4>
                                                <div id="content415" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:poi:3.14
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('poi-3.14.jar', 'fad7ae6d2e59c59ffdb45f1981500babfa765180', 'cpe', 'cpe:/a:apache:poi:3.14')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/poi/poi/3.14/poi-3.14.jar" target="_blank">org.apache.poi:poi:3.14</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l198_22629b7c6b25352c25be97d0839460fef58ec533"></a>xmlsec-1.4.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        Apache XML Security supports XML-Signature Syntax and Processing,
        W3C Recommendation 12 February 2002, and XML Encryption Syntax and
        Processing, W3C Recommendation 10 December 2002. As of version 1.4,
        the Java library supports the standard Java API JSR-105: XML Digital
        Signature APIs.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.santuario\xmlsec\1.4.3\22629b7c6b25352c25be97d0839460fef58ec533\xmlsec-1.4.3.jar<br/>
                            <b>MD5:</b>&nbsp;16a2d033196888c83e06ac9dda7f88de<br/>
                            <b>SHA1:</b>&nbsp;22629b7c6b25352c25be97d0839460fef58ec533
                                                                                </p>
                                                <h4 id="header416" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content416" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlsec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.santuario</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlsec-1.4.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>security</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>manifest: xmlsec</td><td>Implementation-Title</td><td>Apache-XML-Security-J</td></tr>
                                                                    <tr><td>manifest: xmlsec</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: xmlsec</td><td>Implementation-Version</td><td>1.4.3 July 21 2009</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlsec</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Apache XML Security supports XML-Signature Syntax and Processing, W3C Recommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002. As of version 1.4, the Java library supports the standard Java API JSR-105: XML Digital Signature APIs. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.santuario</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XML Security</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://santuario.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header417" class="subsectionheader white">Identifiers</h4>
                                                <div id="content417" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/santuario/xmlsec/1.4.3/xmlsec-1.4.3.jar" target="_blank">org.apache.santuario:xmlsec:1.4.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l199_132a275104978c049e50b73f0299da44649b36d0"></a>shiro-core-1.3.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Shiro is a powerful and flexible open-source security framework that cleanly handles        authentication, authorization, enterprise session management, single sign-on and cryptography services.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.shiro\shiro-core\1.3.0\132a275104978c049e50b73f0299da44649b36d0\shiro-core-1.3.0.jar<br/>
                            <b>MD5:</b>&nbsp;00d4df882c65ea2b066a408ce1462515<br/>
                            <b>SHA1:</b>&nbsp;132a275104978c049e50b73f0299da44649b36d0
                                                                                </p>
                                                <h4 id="header418" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content418" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>shiro-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.shiro</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>shiro-core-1.3.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Shiro is a powerful and flexible open-source security framework that cleanly handles authentication, authorization, enterprise session management, single sign-on and cryptography services.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Shiro :: Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.shiro.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Shiro :: Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.shiro</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Shiro :: Core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>shiro-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.shiro</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Shiro :: Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>shiro-root</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.shiro</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header419" class="subsectionheader white">Identifiers</h4>
                                                <div id="content419" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:shiro:1.3.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('shiro-core-1.3.0.jar', '132a275104978c049e50b73f0299da44649b36d0', 'cpe', 'cpe:/a:apache:shiro:1.3.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22132a275104978c049e50b73f0299da44649b36d0%22" target="_blank">org.apache.shiro:shiro-core:1.3.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l200_1bbd65e52d27b61c64944b9275c44ccd79f267a7"></a>sis-metadata-0.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

Implementations of metadata derived from ISO 19115. This module provides both an implementation
 of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through
 Java reflection.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.sis.core\sis-metadata\0.5\1bbd65e52d27b61c64944b9275c44ccd79f267a7\sis-metadata-0.5.jar<br/>
                            <b>MD5:</b>&nbsp;6d9ccec08cffd1ce52be1f9b50260cfc<br/>
                            <b>SHA1:</b>&nbsp;1bbd65e52d27b61c64944b9275c44ccd79f267a7
                                                                                </p>
                                                <h4 id="header420" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content420" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>sis-metadata</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.sis.core</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>sis-metadata-0.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>metadata</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sis</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>2015-02-05T18:42:58Z</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Implementations of metadata derived from ISO 19115. This module provides both an implementation of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through Java reflection.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://sis.apache.org/core/sis-metadata</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache SIS metadata</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.sis.metadata</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.5.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache SIS metadata</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://sis.apache.org/core/sis-metadata</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.sis.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Open Geospatial Consortium</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>sis-metadata</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Implementations of metadata derived from ISO 19115. This module provides both an implementation of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through Java reflection. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.sis.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache SIS metadata</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>core</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.sis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header421" class="subsectionheader white">Identifiers</h4>
                                                <div id="content421" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/core/sis-metadata/0.5/sis-metadata-0.5.jar" target="_blank">org.apache.sis.core:sis-metadata:0.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l201_377246c70fd858346fab8a0e554bed3b3cfcde70"></a>sis-referencing-0.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

Implementations of Coordinate Reference Systems (CRS),
 conversion and transformation services derived from ISO 19111.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.sis.core\sis-referencing\0.5\377246c70fd858346fab8a0e554bed3b3cfcde70\sis-referencing-0.5.jar<br/>
                            <b>MD5:</b>&nbsp;f63fe6facd76480205141db7d605f10a<br/>
                            <b>SHA1:</b>&nbsp;377246c70fd858346fab8a0e554bed3b3cfcde70
                                                                                </p>
                                                <h4 id="header422" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content422" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>sis-referencing</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.sis.core</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>sis-referencing-0.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>referencing</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sis</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>2015-02-05T18:42:58Z</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Implementations of Coordinate Reference Systems (CRS), conversion and transformation services derived from ISO 19111.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://sis.apache.org/core/sis-referencing</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache SIS referencing</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.sis.referencing</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.5.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache SIS referencing</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://sis.apache.org/core/sis-referencing</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.sis.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Open Geospatial Consortium</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>sis-referencing</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Implementations of Coordinate Reference Systems (CRS), conversion and transformation services derived from ISO 19111. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.sis.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache SIS referencing</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>core</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.sis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header423" class="subsectionheader white">Identifiers</h4>
                                                <div id="content423" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/core/sis-referencing/0.5/sis-referencing-0.5.jar" target="_blank">org.apache.sis.core:sis-referencing:0.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l202_aaea81deda0e3c7ca2602e7fb9459bcc19894ecf"></a>sis-utility-0.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

Miscellaneous utilities.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.sis.core\sis-utility\0.5\aaea81deda0e3c7ca2602e7fb9459bcc19894ecf\sis-utility-0.5.jar<br/>
                            <b>MD5:</b>&nbsp;d6b7770eb395a8c4bc3bf84c99563119<br/>
                            <b>SHA1:</b>&nbsp;aaea81deda0e3c7ca2602e7fb9459bcc19894ecf
                                                                                </p>
                                                <h4 id="header424" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content424" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>sis-utility</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.sis.core</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>sis-utility-0.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sis</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>2015-02-05T18:42:58Z</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Miscellaneous utilities.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://sis.apache.org/core/sis-utility</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache SIS utilities</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.sis.utility</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.5.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache SIS utilities</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://sis.apache.org/core/sis-utility</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.sis.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Open Geospatial Consortium</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>sis-utility</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>

Miscellaneous utilities.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.sis.core</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache SIS utilities</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>core</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.sis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header425" class="subsectionheader white">Identifiers</h4>
                                                <div id="content425" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/core/sis-utility/0.5/sis-utility-0.5.jar" target="_blank">org.apache.sis.core:sis-utility:0.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l203_2b416e4506caebe7df6dd21b878dae888e0eea39"></a>sis-netcdf-0.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

Bridge between NetCDF Climate and Forecast (CF) convention and ISO 19115 metadata.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.sis.storage\sis-netcdf\0.5\2b416e4506caebe7df6dd21b878dae888e0eea39\sis-netcdf-0.5.jar<br/>
                            <b>MD5:</b>&nbsp;58f26afee7da53fa9ce07ef08ce7f306<br/>
                            <b>SHA1:</b>&nbsp;2b416e4506caebe7df6dd21b878dae888e0eea39
                                                                                </p>
                                                <h4 id="header426" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content426" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>sis-netcdf</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.sis.storage</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>sis-netcdf-0.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>netcdf</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sis</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>2015-02-05T18:42:58Z</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Bridge between NetCDF Climate and Forecast (CF) convention and ISO 19115 metadata.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://sis.apache.org/storage/sis-netcdf</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache SIS NetCDF storage</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.sis.storage.netcdf</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.5.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache SIS NetCDF storage</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://sis.apache.org/storage/sis-netcdf</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.sis.storage</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Open Geospatial Consortium</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>sis-netcdf</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>

Bridge between NetCDF Climate and Forecast (CF) convention and ISO 19115 metadata.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.sis.storage</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache SIS NetCDF storage</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>storage</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.sis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header427" class="subsectionheader white">Identifiers</h4>
                                                <div id="content427" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/storage/sis-netcdf/0.5/sis-netcdf-0.5.jar" target="_blank">org.apache.sis.storage:sis-netcdf:0.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l204_29d1ea6422b68fbfe1f1702f122019ae376ee2c8"></a>sis-storage-0.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

Provides the interfaces and base classes to be implemented by various storage formats.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.sis.storage\sis-storage\0.5\29d1ea6422b68fbfe1f1702f122019ae376ee2c8\sis-storage-0.5.jar<br/>
                            <b>MD5:</b>&nbsp;24b522892175ec483d4db474bcf7309f<br/>
                            <b>SHA1:</b>&nbsp;29d1ea6422b68fbfe1f1702f122019ae376ee2c8
                                                                                </p>
                                                <h4 id="header428" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content428" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>sis-storage</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.sis.storage</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>sis-storage-0.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sis</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>storage</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>2015-02-05T18:42:58Z</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Provides the interfaces and base classes to be implemented by various storage formats.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://sis.apache.org/storage/sis-storage</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache SIS common storage</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.sis.storage</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.5.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache SIS common storage</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://sis.apache.org/storage/sis-storage</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.sis.storage</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Open Geospatial Consortium</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>sis-storage</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>

Provides the interfaces and base classes to be implemented by various storage formats.
  </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.sis.storage</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache SIS common storage</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>storage</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.sis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header429" class="subsectionheader white">Identifiers</h4>
                                                <div id="content429" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/sis/storage/sis-storage/0.5/sis-storage-0.5.jar" target="_blank">org.apache.sis.storage:sis-storage:0.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l205_4449581b7570e576e710b0befc517d1dfc20ce63"></a>solr-core-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Solr Core<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.solr\solr-core\6.2.1\4449581b7570e576e710b0befc517d1dfc20ce63\solr-core-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;6ca8151e371bab894efe148d4857bc22<br/>
                            <b>SHA1:</b>&nbsp;4449581b7570e576e710b0befc517d1dfc20ce63
                                                                                </p>
                                                <h4 id="header430" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content430" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>solr-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>solr-core-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>solr</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:20:53</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Solr Search Server: solr-core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>solr-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Solr Core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.solr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Solr Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>solr-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header431" class="subsectionheader white">Identifiers</h4>
                                                <div id="content431" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:solr:6.2.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('solr-core-6.2.1.jar', '4449581b7570e576e710b0befc517d1dfc20ce63', 'cpe', 'cpe:/a:apache:solr:6.2.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/solr/solr-core/6.2.1/solr-core-6.2.1.jar" target="_blank">org.apache.solr:solr-core:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l206_2198098522110b60a5f8e3331bab7f1d0617b4eb"></a>solr-solrj-6.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Solr Solrj<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.solr\solr-solrj\6.2.1\2198098522110b60a5f8e3331bab7f1d0617b4eb\solr-solrj-6.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;f10930680ebea17de9210496f1109f19<br/>
                            <b>SHA1:</b>&nbsp;2198098522110b60a5f8e3331bab7f1d0617b4eb
                                                                                </p>
                                                <h4 id="header432" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content432" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>solr-solrj</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>solr-solrj-6.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>6.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>client</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>solr</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>solrj</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>6.2.1 43ab70147eb494324a1410f7a9f16a896a59bc6f - shalin - 2016-09-15 05:20:55</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Solr Search Server: solr-solrj</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>solr-solrj</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache Solr Solrj</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.solr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Solr Solrj</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>solr-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.solr</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>6.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header433" class="subsectionheader white">Identifiers</h4>
                                                <div id="content433" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:solr:6.2.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('solr-solrj-6.2.1.jar', '2198098522110b60a5f8e3331bab7f1d0617b4eb', 'cpe', 'cpe:/a:apache:solr:6.2.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/solr/solr-solrj/6.2.1/solr-solrj-6.2.1.jar" target="_blank">org.apache.solr:solr-solrj:6.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l207_5ab95580d22fe1dee79cffbcd98bb509a32da09b"></a>tika-core-1.12.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;This is the core Apache Tika&trade; toolkit library from which all other modules inherit functionality. It also
    includes the core facades for the Tika API.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tika\tika-core\1.12\5ab95580d22fe1dee79cffbcd98bb509a32da09b\tika-core-1.12.jar<br/>
                            <b>MD5:</b>&nbsp;b879ee0321e648102a121ed2014edf09<br/>
                            <b>SHA1:</b>&nbsp;5ab95580d22fe1dee79cffbcd98bb509a32da09b
                                                                                </p>
                                                <h4 id="header434" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content434" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tika-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tika</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.12</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tika-core-1.12</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.12</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>This is the core Apache Tika&trade; toolkit library from which all other modules inherit functionality. It also includes the core facades for the Tika API.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://tika.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Tika core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tika.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.12.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tika core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.tika</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.12</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tika core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tika-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>This is the core Apache Tika&trade; toolkit library from which all other modules inherit functionality. It also includes the core facades for the Tika API. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tika</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Tika core</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org
  </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>tika-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.tika</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tika.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.12</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header435" class="subsectionheader white">Identifiers</h4>
                                                <div id="content435" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tika:1.12
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tika-core-1.12.jar', '5ab95580d22fe1dee79cffbcd98bb509a32da09b', 'cpe', 'cpe:/a:apache:tika:1.12')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%225ab95580d22fe1dee79cffbcd98bb509a32da09b%22" target="_blank">org.apache.tika:tika-core:1.12</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l208_ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788"></a>tika-parsers-1.12.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache Tika is a toolkit for detecting and extracting metadata and    structured text content from various documents using existing parser    libraries.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tika\tika-parsers\1.12\ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788\tika-parsers-1.12.jar<br/>
                            <b>MD5:</b>&nbsp;cfaf87b842abc229d7642d6ae01a1ca7<br/>
                            <b>SHA1:</b>&nbsp;ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788
                                                                                </p>
                                                <h4 id="header436" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content436" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tika-parsers</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tika</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.12</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tika-parsers-1.12</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.12</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Apache Tika is a toolkit for detecting and extracting metadata and structured text content from various documents using existing parser libraries.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://tika.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Apache Tika parsers</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tika.parsers</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.12.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tika parsers</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.tika</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.12</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tika parsers</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tika-parsers</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tika</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Tika parsers</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org
  </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>tika-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.tika</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tika.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.12</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header437" class="subsectionheader white">Identifiers</h4>
                                                <div id="content437" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tika:1.12
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tika-parsers-1.12.jar', 'ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788', 'cpe', 'cpe:/a:apache:tika:1.12')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ee3ad76cb3066ba6c11e2db6d48b5ef6842a9788%22" target="_blank">org.apache.tika:tika-parsers:1.12</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l209_c026332148ad464592cbc720a933388782c0d24a"></a>tomcat-embed-core-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Core Tomcat implementation<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat.embed\tomcat-embed-core\8.0.39\c026332148ad464592cbc720a933388782c0d24a\tomcat-embed-core-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;6297b65d1700945427e99952249b3567<br/>
                            <b>SHA1:</b>&nbsp;c026332148ad464592cbc720a933388782c0d24a
                                                                                </p>
                                                <h4 id="header438" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content438" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-embed-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat.embed</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-embed-core-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-embed-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core Tomcat implementation</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat.embed</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header439" class="subsectionheader white">Identifiers</h4>
                                                <div id="content439" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-embed-core-8.0.39.jar', 'c026332148ad464592cbc720a933388782c0d24a', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/embed/tomcat-embed-core/8.0.39/tomcat-embed-core-8.0.39.jar" target="_blank">org.apache.tomcat.embed:tomcat-embed-core:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l210_d71f453312b433b3e1c5a92060d145aceff1bf4d"></a>tomcat-embed-websocket-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Core Tomcat implementation<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat.embed\tomcat-embed-websocket\8.0.39\d71f453312b433b3e1c5a92060d145aceff1bf4d\tomcat-embed-websocket-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;ef26fb940367b4cacec8d403625801f8<br/>
                            <b>SHA1:</b>&nbsp;d71f453312b433b3e1c5a92060d145aceff1bf4d
                                                                                </p>
                                                <h4 id="header440" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content440" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-embed-websocket</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat.embed</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-embed-websocket-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tomcat</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>websocket</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-embed-websocket</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Core Tomcat implementation</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat.embed</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header441" class="subsectionheader white">Identifiers</h4>
                                                <div id="content441" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-embed-websocket-8.0.39.jar', 'd71f453312b433b3e1c5a92060d145aceff1bf4d', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/embed/tomcat-embed-websocket/8.0.39/tomcat-embed-websocket-8.0.39.jar" target="_blank">org.apache.tomcat.embed:tomcat-embed-websocket:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l211_e6c758db747fea851d1204d80977837214225e6e"></a>tomcat-annotations-api-8.0.39.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Annotations Package<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-annotations-api\8.0.39\e6c758db747fea851d1204d80977837214225e6e\tomcat-annotations-api-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;f9f3c3bcad776ecbf6facd1f7c85bceb<br/>
                            <b>SHA1:</b>&nbsp;e6c758db747fea851d1204d80977837214225e6e
                                                                                </p>
                                                <h4 id="header442" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content442" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-annotations-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-annotations-api-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>annotation</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Title</td><td>javax.servlet</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Version</td><td>3.0.FR</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Specification-Title</td><td>Java API for Servlets (Annotations)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-annotations-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Annotations Package</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header443" class="subsectionheader white">Identifiers</h4>
                                                <div id="content443" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0" target="_blank">cpe:/a:apache:tomcat:3.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:MEDIUM
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cpe', 'cpe:/a:apache:tomcat:3.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-annotations-api/8.0.39/tomcat-annotations-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-annotations-api:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header444" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content444" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0119">CVE-2014-0119</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2014-0119')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67669">67669</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1588193">http://svn.apache.org/viewvc?view=revision&revision=1588193</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1588199">http://svn.apache.org/viewvc?view=revision&revision=1588199</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589640">http://svn.apache.org/viewvc?view=revision&revision=1589640</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589837">http://svn.apache.org/viewvc?view=revision&revision=1589837</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589980">http://svn.apache.org/viewvc?view=revision&revision=1589980</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589983">http://svn.apache.org/viewvc?view=revision&revision=1589983</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589985">http://svn.apache.org/viewvc?view=revision&revision=1589985</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589990">http://svn.apache.org/viewvc?view=revision&revision=1589990</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589992">http://svn.apache.org/viewvc?view=revision&revision=1589992</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589997">http://svn.apache.org/viewvc?view=revision&revision=1589997</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1590028">http://svn.apache.org/viewvc?view=revision&revision=1590028</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1590036">http://svn.apache.org/viewvc?view=revision&revision=1590036</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1593815">http://svn.apache.org/viewvc?view=revision&revision=1593815</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1593821">http://svn.apache.org/viewvc?view=revision&revision=1593821</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html">http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3552">DSA-3552</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/May/141">20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030298">1030298</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs31', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs31"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs31">...</li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.53">cpe:/a:apache:tomcat:7.0.53</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                    <li class="vs31 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.5">cpe:/a:apache:tomcat:8.0.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0099">CVE-2014-0099</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2014-0099')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67668">67668</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/532221/100/0/threaded">20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/532218/100/0/threaded">20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578812">http://svn.apache.org/viewvc?view=revision&revision=1578812</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578814">http://svn.apache.org/viewvc?view=revision&revision=1578814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1580473">http://svn.apache.org/viewvc?view=revision&revision=1580473</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680603">http://www-01.ibm.com/support/docview.wss?uid=swg21680603</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030302">1030302</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs32', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs32"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs32">...</li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs32 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0096">CVE-2014-0096</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2014-0096')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67667">67667</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578610">http://svn.apache.org/viewvc?view=revision&revision=1578610</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578611">http://svn.apache.org/viewvc?view=revision&revision=1578611</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578637">http://svn.apache.org/viewvc?view=revision&revision=1578637</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578655">http://svn.apache.org/viewvc?view=revision&revision=1578655</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1585853">http://svn.apache.org/viewvc?view=revision&revision=1585853</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.novell.com/support/kb/doc.php?id=7010166">http://www.novell.com/support/kb/doc.php?id=7010166</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3552">DSA-3552</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/May/135">20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030301">1030301</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs33', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs33"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs33">...</li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs33 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0075">CVE-2014-0075</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2014-0075')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67671">67671</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578337">http://svn.apache.org/viewvc?view=revision&revision=1578337</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578341">http://svn.apache.org/viewvc?view=revision&revision=1578341</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1579262">http://svn.apache.org/viewvc?view=revision&revision=1579262</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680603">http://www-01.ibm.com/support/docview.wss?uid=swg21680603</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.novell.com/support/kb/doc.php?id=7010166">http://www.novell.com/support/kb/doc.php?id=7010166</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs34', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs34"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs34">...</li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs34 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6357">CVE-2013-6357</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2013-6357')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that &quot;the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator.&quot;
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.webapp-security.com/wp-content/uploads/2013/11/Apache-Tomcat-5.5.25-CSRF-Vulnerabilities.txt">http://www.webapp-security.com/wp-content/uploads/2013/11/Apache-Tomcat-5.5.25-CSRF-Vulnerabilities.txt</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs35', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs35"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs35">...</li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs35 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4590">CVE-2013-4590</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2013-4590')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain &quot;Tomcat internals&quot; information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65768">65768</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549528">http://svn.apache.org/viewvc?view=revision&revision=1549528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549529">http://svn.apache.org/viewvc?view=revision&revision=1549529</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1558828">http://svn.apache.org/viewvc?view=revision&revision=1558828</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069911">https://bugzilla.redhat.com/show_bug.cgi?id=1069911</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs36', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs36"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs36">...</li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc3">cpe:/a:apache:tomcat:8.0.0:rc3</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc4">cpe:/a:apache:tomcat:8.0.0:rc4</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc6">cpe:/a:apache:tomcat:8.0.0:rc6</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc7">cpe:/a:apache:tomcat:8.0.0:rc7</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc8">cpe:/a:apache:tomcat:8.0.0:rc8</a> </li>
                                                                    <li class="vs36 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc9">cpe:/a:apache:tomcat:8.0.0:rc9</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4444">CVE-2013-4444</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2013-4444')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')
                            </p>
                            <p>Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/69728">69728</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-09/0075.html">20140910 CVE-2013-4444 Remote Code Execution in Apache Tomcat</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/10/24/12">[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030834">1030834</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs37', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs37"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                    <li class="vs37">...</li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs37 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4322">CVE-2013-4322</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2013-4322')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65767">65767</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521834">http://svn.apache.org/viewvc?view=revision&revision=1521834</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521864">http://svn.apache.org/viewvc?view=revision&revision=1521864</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549522">http://svn.apache.org/viewvc?view=revision&revision=1549522</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549523">http://svn.apache.org/viewvc?view=revision&revision=1549523</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1556540">http://svn.apache.org/viewvc?view=revision&revision=1556540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678113">http://www-01.ibm.com/support/docview.wss?uid=swg21678113</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069905">https://bugzilla.redhat.com/show_bug.cgi?id=1069905</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="https://rhn.redhat.com/errata/RHSA-2014-0686.html">RHSA-2014:0686</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs38', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs38"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs38">...</li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc3">cpe:/a:apache:tomcat:8.0.0:rc3</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc4">cpe:/a:apache:tomcat:8.0.0:rc4</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc6">cpe:/a:apache:tomcat:8.0.0:rc6</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc7">cpe:/a:apache:tomcat:8.0.0:rc7</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc8">cpe:/a:apache:tomcat:8.0.0:rc8</a> </li>
                                                                    <li class="vs38 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc9">cpe:/a:apache:tomcat:8.0.0:rc9</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4286">CVE-2013-4286</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2013-4286')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a &quot;Transfer-Encoding: chunked&quot; header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65773">65773</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521829">http://svn.apache.org/viewvc?view=revision&revision=1521829</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521854">http://svn.apache.org/viewvc?view=revision&revision=1521854</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1552565">http://svn.apache.org/viewvc?view=revision&revision=1552565</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678113">http://www-01.ibm.com/support/docview.wss?uid=swg21678113</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html">http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069921">https://bugzilla.redhat.com/show_bug.cgi?id=1069921</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0343.html">RHSA-2014:0343</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0344.html">RHSA-2014:0344</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0345.html">RHSA-2014:0345</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="https://rhn.redhat.com/errata/RHSA-2014-0686.html">RHSA-2014:0686</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs39', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs39"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs39">...</li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs39 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2185">CVE-2013-2185</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2013-2185')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
                                                                    <ul>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2013/09/05/4">[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/10/24/12">[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1193.html">RHSA-2013:1193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1194.html">RHSA-2013:1194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1265.html">RHSA-2013:1265</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs40', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs40"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                    <li class="vs40">...</li>
                                                                    <li class="vs40 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                                                    <li class="vs40 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A6.1.0">cpe:/a:redhat:jboss_enterprise_application_platform:6.1.0</a> </li>
                                                                    <li class="vs40 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_portal_platform%3A6.0.0">cpe:/a:redhat:jboss_enterprise_portal_platform:6.0.0</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5568">CVE-2012-5568</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2012-5568')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/56686">56686</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=880011">https://bugzilla.redhat.com/show_bug.cgi?id=880011</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/">http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2012/11/26/2">[oss-security] 20121125 Re: CVE Request: slowloris for tomcat</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147776.html">[users] 20090619 How does Tomcat handle a slow HTTP DoS?</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147779.html">[users] 20090620 Re: How does Tomcat handle a slow HTTP DoS?</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html">openSUSE-SU-2012:1700</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html">openSUSE-SU-2012:1701</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html">openSUSE-SU-2013:0147</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/80317">apache-tomcat-slowloris-dos(80317)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs41', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs41"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs41">...</li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs41 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3548">CVE-2009-3548</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2009-3548')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36954">36954</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507720/100/0/threaded">20091109 [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded">20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2011-0003.html">http://www.vmware.com/security/advisories/VMSA-2011-0003.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html">http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=139344343412337&amp;w=2">HPSBST02955</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113">HPSBUX02541</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=136485229118404&amp;w=2">HPSBUX02860</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=127420533226623&amp;w=2">SSRT100029</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=133469267822771&amp;w=2">SSRT100825</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://markmail.org/thread/wfu4nff5chvkb6xp">http://markmail.org/thread/wfu4nff5chvkb6xp</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1023146">1023146</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/3185">ADV-2009-3185</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1559">ADV-2010-1559</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/54182">tomcat-admin-default-password(54182)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs42', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs42"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs42">...</li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.4">cpe:/a:apache:tomcat:4.1.4</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.5">cpe:/a:apache:tomcat:4.1.5</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.6">cpe:/a:apache:tomcat:4.1.6</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.7">cpe:/a:apache:tomcat:4.1.7</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.8">cpe:/a:apache:tomcat:4.1.8</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9">cpe:/a:apache:tomcat:4.1.9</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.11">cpe:/a:apache:tomcat:4.1.11</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.13">cpe:/a:apache:tomcat:4.1.13</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.14">cpe:/a:apache:tomcat:4.1.14</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.16">cpe:/a:apache:tomcat:4.1.16</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.17">cpe:/a:apache:tomcat:4.1.17</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.18">cpe:/a:apache:tomcat:4.1.18</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.19">cpe:/a:apache:tomcat:4.1.19</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.20">cpe:/a:apache:tomcat:4.1.20</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.21">cpe:/a:apache:tomcat:4.1.21</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.22">cpe:/a:apache:tomcat:4.1.22</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.23">cpe:/a:apache:tomcat:4.1.23</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.25">cpe:/a:apache:tomcat:4.1.25</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.26">cpe:/a:apache:tomcat:4.1.26</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.27">cpe:/a:apache:tomcat:4.1.27</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.30">cpe:/a:apache:tomcat:4.1.30</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.32">cpe:/a:apache:tomcat:4.1.32</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.33">cpe:/a:apache:tomcat:4.1.33</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.34">cpe:/a:apache:tomcat:4.1.34</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.35">cpe:/a:apache:tomcat:4.1.35</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.37">cpe:/a:apache:tomcat:4.1.37</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.38">cpe:/a:apache:tomcat:4.1.38</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.39">cpe:/a:apache:tomcat:4.1.39</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs42 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2696">CVE-2009-2696</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2009-2696')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to &quot;invalid HTML.&quot; NOTE: this is due to a missing fix for CVE-2009-0781.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=616717">https://bugzilla.redhat.com/show_bug.cgi?id=616717</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0580.html">RHSA-2010:0580</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1986">ADV-2010-1986</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs43"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.39">cpe:/a:apache:tomcat:4.1.39</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0128">CVE-2008-0128</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2008-0128')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27365">27365</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41217">http://issues.apache.org/bugzilla/show_bug.cgi?id=41217</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://security-tracker.debian.net/tracker/CVE-2008-0128">http://security-tracker.debian.net/tracker/CVE-2008-0128</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html">SUSE-SR:2008:005</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0192">ADV-2008-0192</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39804">apache-singlesignon-information-disclosure(39804)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs44"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2449">CVE-2007-2449</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2007-2449')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a &quot;snp/snoop.jsp;&quot; sequence.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html">APPLE-SA-2008-06-30</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24476">24476</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/471351/100/0/threaded">20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT2163">http://support.apple.com/kb/HT2163</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html">FEDORA-2007-3456</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">HPSBUX02262</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:241">MDKSA-2007:241</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0569.html">RHSA-2007:0569</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018245">1018245</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2804">2804</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html">SUSE-SR:2008:007</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html">SUSE-SR:2009:004</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2213">ADV-2007-2213</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1981/references">ADV-2008-1981</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34869">tomcat-example-xss(34869)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs45', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs45"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a>  and all previous versions</li>
                                    <li class="vs45">...</li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a>  and all previous versions</li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs45 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1358">CVE-2007-1358</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2007-1358')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted &quot;Accept-Language headers that do not conform to RFC 2616&quot;.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html">APPLE-SA-2007-07-31</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24524">24524</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25159">25159</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/471719/100/0/threaded">20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=306172">http://docs.info.apple.com/article.html?artnum=306172</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html">http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html">FEDORA-2007-3456</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">HPSBUX02262</a></li>
                                                                            <li>JVN - <a target="_blank" href="http://jvn.jp/jp/JVN%2316535199/index.html">JVN#16535199</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018269">1018269</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1729">ADV-2007-1729</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2732">ADV-2007-2732</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3087">ADV-2007-3087</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs46', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs46"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                    <li class="vs46">...</li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs46 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0450">CVE-2007-0450</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2007-0450')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
                            </p>
                            <p>Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) &quot;/&quot; (slash), (2) &quot;\&quot; (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html">APPLE-SA-2007-07-31</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/22960">22960</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25159">25159</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/462791/100/0/threaded">20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485938/100/0/threaded">20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=306172">http://docs.info.apple.com/article.html?artnum=306172</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html">http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-03.xml">GLSA-200705-03</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">SSRT071447</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:241">MDKSA-2007:241</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/287.html">http://www.sec-consult.com/287.html</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt">http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.vmware.com/pipermail/security-announce/2008/000003.html">[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0327.html">RHSA-2007:0327</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0360.html">RHSA-2007:0360</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2446">2446</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2007_5_sr.html">SUSE-SR:2007:005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2007_15_sr.html">SUSE-SR:2007:015</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/0975">ADV-2007-0975</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2732">ADV-2007-2732</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3087">ADV-2007-3087</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0065">ADV-2008-0065</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/32988">tomcat-proxy-directory-traversal(32988)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs47', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs47"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a>  and all previous versions</li>
                                    <li class="vs47">...</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A%3A%3Awin32">cpe:/a:apache:http_server:::win32</a> </li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a>  and all previous versions</li>
                                                                    <li class="vs47 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7196">CVE-2006-7196</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2006-7196')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25531">25531</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/478491/100/0/threaded">20070904 Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/478609/100/0/threaded">20070905 Re: Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html">SUSE-SR:2008:005</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1729">ADV-2007-1729</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs48', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs48"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                    <li class="vs48">...</li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs48 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4838">CVE-2005-4838</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2005-4838')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065598.html">20070906 Apache Tomcat remote xss</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.oliverkarow.de/research/jakarta556_xss.txt">http://www.oliverkarow.de/research/jakarta556_xss.txt</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=tomcat-dev&amp;m=110476790331536&amp;w=2">[tomcat-dev] 20050103 Re: Fwd: XSS in Jakarta Tomcat 5.5.6</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=tomcat-dev&amp;m=110477195116951&amp;w=2">[tomcat-dev] 20050103 [PATCH jakarta-servletapi-5] Re: Fwd: XSS in Jakarta Tomcat 5.5.6</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1012793">1012793</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/36467">tomcat-functions-xss(36467)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs49"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0808">CVE-2005-0808</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2005-0808')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/12795">12795</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/204710">VU#204710</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html">http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.kb.cert.org/vuls/id/JGEI-6A2LEF">http://www.kb.cert.org/vuls/id/JGEI-6A2LEF</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/19681">tomcat-manager-ajp12-dos(19681)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs50', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs50"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs50">...</li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs50 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0045">CVE-2003-0045</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2003-0045')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/12102">jakarta-tomcat-msdos-dos(12102)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs51', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs51"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs51">...</li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs51 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0044">CVE-2003-0044</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2003-0044')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6720">6720</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11196">tomcat-web-app-xss(11196)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs52', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs52"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs52">...</li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs52 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0043">CVE-2003-0043</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2003-0043')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6722">6722</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11195">tomcat-webxml-read-files(11195)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs53', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs53"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs53">...</li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs53 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0042">CVE-2003-0042</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2003-0042')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6721">6721</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=104394568616290&amp;w=2">20030130 Apache Jakarta Tomcat 3 URL parsing vulnerability</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11194">tomcat-null-directory-listing(11194)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs54', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs54"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs54">...</li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs54 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2006">CVE-2002-2006</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2002-2006')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/4575">4575</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2002-04/0311.html">20020422 Tomcat real path disclosure (2)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/8932.php">tomcat-example-class-information(8932)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs55', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs55"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs55">...</li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs55 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1148">CVE-2002-1148</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2002-1148')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/5786">5786</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=103288242014253&amp;w=2">20020924 JSP source code exposure in Tomcat 4.x</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2002/dsa-170">DSA-170</a></li>
                                                                            <li>HP - <a target="_blank" href="http://online.securityfocus.com/advisories/4758">HPSBUX0212-229</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2002-217.html">RHSA-2002:217</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2002-218.html">RHSA-2002:218</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/10175.php">tomcat-servlet-source-code(10175)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs56', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs56"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs56">...</li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs56 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0493">CVE-2002-0493</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2002-0493')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-254 Security Features
                            </p>
                            <p>Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=101709002410365&amp;w=2">20020325 re: Tomcat Security Exposure</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E">http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/9863.php">tomcat-xml-bypass-restrictions(9863)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs57"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0590">CVE-2001-0590</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2001-0590')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-04/0031.html">20010403 Re: Tomcat may reveal script source code by URL trickery </a></li>
                                                                            <li>HP - <a target="_blank" href="http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-004">HPSBTL0112-004</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/6971.php">jakarta-tomcat-jsp-source(6971)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs58"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1210">CVE-2000-1210</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2000-1210')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=95371672300045&amp;w=2">20000322 Security bug in Apache project: Jakarta Tomcat</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/4205.php">apache-tomcat-file-contents(4205)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs59"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0760">CVE-2000-0760</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2000-0760')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                            </p>
                            <p>The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1532">1532</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000@grex.cyberspace.org">20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs60', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs60"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs60">...</li>
                                                                    <li class="vs60 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs60 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0672">CVE-2000-0672</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-annotations-api-8.0.39.jar', 'e6c758db747fea851d1204d80977837214225e6e', 'cve', 'CVE-2000-0672')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1548">1548</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2000-07/0309.html">20000721 Jakarta-tomcat.../admin</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/5160.php">jakarta-tomcat-admin</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs61', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs61"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs61">...</li>
                                                                    <li class="vs61 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A3.1">cpe:/a:apache:http_server:3.1</a> </li>
                                                                    <li class="vs61 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs61 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l212_eeee8ea81a19db788beb6a2c08c76c26ee949e77"></a>tomcat-api-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Definition of interfaces shared by Catalina and Jasper<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-api\8.0.39\eeee8ea81a19db788beb6a2c08c76c26ee949e77\tomcat-api-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;3be6b6891eec06dae5799ee895b00952<br/>
                            <b>SHA1:</b>&nbsp;eeee8ea81a19db788beb6a2c08c76c26ee949e77
                                                                                </p>
                                                <h4 id="header445" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content445" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-api-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Definition of interfaces shared by Catalina and Jasper</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header446" class="subsectionheader white">Identifiers</h4>
                                                <div id="content446" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-api-8.0.39.jar', 'eeee8ea81a19db788beb6a2c08c76c26ee949e77', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-api/8.0.39/tomcat-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-api:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l213_9f8d14719f30595f02c90f4f0710e9f88d315a2f"></a>tomcat-catalina-ha-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Tomcat High Availability Implementation<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-catalina-ha\8.0.39\9f8d14719f30595f02c90f4f0710e9f88d315a2f\tomcat-catalina-ha-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;c4a6517ab1edefbdb13bca2df89298fd<br/>
                            <b>SHA1:</b>&nbsp;9f8d14719f30595f02c90f4f0710e9f88d315a2f
                                                                                </p>
                                                <h4 id="header447" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content447" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-catalina-ha</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-catalina-ha-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>catalina</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ha</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-catalina-ha</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Tomcat High Availability Implementation</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header448" class="subsectionheader white">Identifiers</h4>
                                                <div id="content448" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-catalina-ha-8.0.39.jar', '9f8d14719f30595f02c90f4f0710e9f88d315a2f', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-catalina-ha/8.0.39/tomcat-catalina-ha-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-catalina-ha:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l214_d20f0c7ddafdf6756ac21992daff67bf11f7f8eb"></a>tomcat-catalina-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Tomcat Servlet Engine Core Classes and Standard implementations<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-catalina\8.0.39\d20f0c7ddafdf6756ac21992daff67bf11f7f8eb\tomcat-catalina-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;680803f666bf125eedda5b29afd46fd9<br/>
                            <b>SHA1:</b>&nbsp;d20f0c7ddafdf6756ac21992daff67bf11f7f8eb
                                                                                </p>
                                                <h4 id="header449" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content449" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-catalina</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-catalina-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>catalina</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-catalina</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Tomcat Servlet Engine Core Classes and Standard implementations</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header450" class="subsectionheader white">Identifiers</h4>
                                                <div id="content450" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-catalina-8.0.39.jar', 'd20f0c7ddafdf6756ac21992daff67bf11f7f8eb', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-catalina/8.0.39/tomcat-catalina-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-catalina:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l215_2ed123189ca313c6698ca3c6a3850cac2779f93a"></a>tomcat-coyote-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Tomcat Connectors and HTTP parser<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-coyote\8.0.39\2ed123189ca313c6698ca3c6a3850cac2779f93a\tomcat-coyote-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;30b4238c9b54b11b1cbdc66bc243a993<br/>
                            <b>SHA1:</b>&nbsp;2ed123189ca313c6698ca3c6a3850cac2779f93a
                                                                                </p>
                                                <h4 id="header451" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content451" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-coyote</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-coyote-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tomcat</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-coyote</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Tomcat Connectors and HTTP parser</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header452" class="subsectionheader white">Identifiers</h4>
                                                <div id="content452" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-coyote-8.0.39.jar', '2ed123189ca313c6698ca3c6a3850cac2779f93a', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-coyote/8.0.39/tomcat-coyote-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-coyote:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l216_cd9bedd6df6e9729d02bcc07e27bfe832d603a50"></a>tomcat-el-api-8.0.39.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Expression language package<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-el-api\8.0.39\cd9bedd6df6e9729d02bcc07e27bfe832d603a50\tomcat-el-api-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;1f1336f69adc4ef877c69630ac81cb47<br/>
                            <b>SHA1:</b>&nbsp;cd9bedd6df6e9729d02bcc07e27bfe832d603a50
                                                                                </p>
                                                <h4 id="header453" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content453" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-el-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-el-api-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>el</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>manifest: javax/el/</td><td>Implementation-Title</td><td>javax.el</td></tr>
                                                                    <tr><td>manifest: javax/el/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/el/</td><td>Implementation-Version</td><td>3.0.FR</td></tr>
                                                                    <tr><td>manifest: javax/el/</td><td>Specification-Title</td><td>Expression Language</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-el-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Expression language package</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header454" class="subsectionheader white">Identifiers</h4>
                                                <div id="content454" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0" target="_blank">cpe:/a:apache:tomcat:3.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:MEDIUM
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cpe', 'cpe:/a:apache:tomcat:3.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-el-api/8.0.39/tomcat-el-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-el-api:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header455" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content455" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0119">CVE-2014-0119</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2014-0119')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67669">67669</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1588193">http://svn.apache.org/viewvc?view=revision&revision=1588193</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1588199">http://svn.apache.org/viewvc?view=revision&revision=1588199</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589640">http://svn.apache.org/viewvc?view=revision&revision=1589640</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589837">http://svn.apache.org/viewvc?view=revision&revision=1589837</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589980">http://svn.apache.org/viewvc?view=revision&revision=1589980</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589983">http://svn.apache.org/viewvc?view=revision&revision=1589983</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589985">http://svn.apache.org/viewvc?view=revision&revision=1589985</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589990">http://svn.apache.org/viewvc?view=revision&revision=1589990</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589992">http://svn.apache.org/viewvc?view=revision&revision=1589992</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589997">http://svn.apache.org/viewvc?view=revision&revision=1589997</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1590028">http://svn.apache.org/viewvc?view=revision&revision=1590028</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1590036">http://svn.apache.org/viewvc?view=revision&revision=1590036</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1593815">http://svn.apache.org/viewvc?view=revision&revision=1593815</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1593821">http://svn.apache.org/viewvc?view=revision&revision=1593821</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html">http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3552">DSA-3552</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/May/141">20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030298">1030298</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs62', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs62"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs62">...</li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.53">cpe:/a:apache:tomcat:7.0.53</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                    <li class="vs62 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.5">cpe:/a:apache:tomcat:8.0.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0099">CVE-2014-0099</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2014-0099')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67668">67668</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/532221/100/0/threaded">20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/532218/100/0/threaded">20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578812">http://svn.apache.org/viewvc?view=revision&revision=1578812</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578814">http://svn.apache.org/viewvc?view=revision&revision=1578814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1580473">http://svn.apache.org/viewvc?view=revision&revision=1580473</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680603">http://www-01.ibm.com/support/docview.wss?uid=swg21680603</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030302">1030302</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs63', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs63"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs63">...</li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs63 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0096">CVE-2014-0096</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2014-0096')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67667">67667</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578610">http://svn.apache.org/viewvc?view=revision&revision=1578610</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578611">http://svn.apache.org/viewvc?view=revision&revision=1578611</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578637">http://svn.apache.org/viewvc?view=revision&revision=1578637</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578655">http://svn.apache.org/viewvc?view=revision&revision=1578655</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1585853">http://svn.apache.org/viewvc?view=revision&revision=1585853</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.novell.com/support/kb/doc.php?id=7010166">http://www.novell.com/support/kb/doc.php?id=7010166</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3552">DSA-3552</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/May/135">20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030301">1030301</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs64', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs64"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs64">...</li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs64 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0075">CVE-2014-0075</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2014-0075')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67671">67671</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578337">http://svn.apache.org/viewvc?view=revision&revision=1578337</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578341">http://svn.apache.org/viewvc?view=revision&revision=1578341</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1579262">http://svn.apache.org/viewvc?view=revision&revision=1579262</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680603">http://www-01.ibm.com/support/docview.wss?uid=swg21680603</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.novell.com/support/kb/doc.php?id=7010166">http://www.novell.com/support/kb/doc.php?id=7010166</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs65', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs65"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs65">...</li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs65 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6357">CVE-2013-6357</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2013-6357')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that &quot;the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator.&quot;
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.webapp-security.com/wp-content/uploads/2013/11/Apache-Tomcat-5.5.25-CSRF-Vulnerabilities.txt">http://www.webapp-security.com/wp-content/uploads/2013/11/Apache-Tomcat-5.5.25-CSRF-Vulnerabilities.txt</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs66', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs66"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs66">...</li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs66 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4590">CVE-2013-4590</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2013-4590')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain &quot;Tomcat internals&quot; information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65768">65768</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549528">http://svn.apache.org/viewvc?view=revision&revision=1549528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549529">http://svn.apache.org/viewvc?view=revision&revision=1549529</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1558828">http://svn.apache.org/viewvc?view=revision&revision=1558828</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069911">https://bugzilla.redhat.com/show_bug.cgi?id=1069911</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs67', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs67"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs67">...</li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc3">cpe:/a:apache:tomcat:8.0.0:rc3</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc4">cpe:/a:apache:tomcat:8.0.0:rc4</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc6">cpe:/a:apache:tomcat:8.0.0:rc6</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc7">cpe:/a:apache:tomcat:8.0.0:rc7</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc8">cpe:/a:apache:tomcat:8.0.0:rc8</a> </li>
                                                                    <li class="vs67 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc9">cpe:/a:apache:tomcat:8.0.0:rc9</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4444">CVE-2013-4444</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2013-4444')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')
                            </p>
                            <p>Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/69728">69728</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-09/0075.html">20140910 CVE-2013-4444 Remote Code Execution in Apache Tomcat</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/10/24/12">[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030834">1030834</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs68', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs68"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                    <li class="vs68">...</li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs68 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4322">CVE-2013-4322</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2013-4322')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65767">65767</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521834">http://svn.apache.org/viewvc?view=revision&revision=1521834</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521864">http://svn.apache.org/viewvc?view=revision&revision=1521864</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549522">http://svn.apache.org/viewvc?view=revision&revision=1549522</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549523">http://svn.apache.org/viewvc?view=revision&revision=1549523</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1556540">http://svn.apache.org/viewvc?view=revision&revision=1556540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678113">http://www-01.ibm.com/support/docview.wss?uid=swg21678113</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069905">https://bugzilla.redhat.com/show_bug.cgi?id=1069905</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="https://rhn.redhat.com/errata/RHSA-2014-0686.html">RHSA-2014:0686</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs69', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs69"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs69">...</li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc3">cpe:/a:apache:tomcat:8.0.0:rc3</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc4">cpe:/a:apache:tomcat:8.0.0:rc4</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc6">cpe:/a:apache:tomcat:8.0.0:rc6</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc7">cpe:/a:apache:tomcat:8.0.0:rc7</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc8">cpe:/a:apache:tomcat:8.0.0:rc8</a> </li>
                                                                    <li class="vs69 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc9">cpe:/a:apache:tomcat:8.0.0:rc9</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4286">CVE-2013-4286</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2013-4286')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a &quot;Transfer-Encoding: chunked&quot; header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65773">65773</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521829">http://svn.apache.org/viewvc?view=revision&revision=1521829</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521854">http://svn.apache.org/viewvc?view=revision&revision=1521854</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1552565">http://svn.apache.org/viewvc?view=revision&revision=1552565</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678113">http://www-01.ibm.com/support/docview.wss?uid=swg21678113</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html">http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069921">https://bugzilla.redhat.com/show_bug.cgi?id=1069921</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0343.html">RHSA-2014:0343</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0344.html">RHSA-2014:0344</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0345.html">RHSA-2014:0345</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="https://rhn.redhat.com/errata/RHSA-2014-0686.html">RHSA-2014:0686</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs70', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs70"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs70">...</li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs70 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2185">CVE-2013-2185</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2013-2185')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
                                                                    <ul>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2013/09/05/4">[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/10/24/12">[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1193.html">RHSA-2013:1193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1194.html">RHSA-2013:1194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1265.html">RHSA-2013:1265</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs71', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs71"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                    <li class="vs71">...</li>
                                                                    <li class="vs71 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                                                    <li class="vs71 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A6.1.0">cpe:/a:redhat:jboss_enterprise_application_platform:6.1.0</a> </li>
                                                                    <li class="vs71 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_portal_platform%3A6.0.0">cpe:/a:redhat:jboss_enterprise_portal_platform:6.0.0</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5568">CVE-2012-5568</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2012-5568')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/56686">56686</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=880011">https://bugzilla.redhat.com/show_bug.cgi?id=880011</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/">http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2012/11/26/2">[oss-security] 20121125 Re: CVE Request: slowloris for tomcat</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147776.html">[users] 20090619 How does Tomcat handle a slow HTTP DoS?</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147779.html">[users] 20090620 Re: How does Tomcat handle a slow HTTP DoS?</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html">openSUSE-SU-2012:1700</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html">openSUSE-SU-2012:1701</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html">openSUSE-SU-2013:0147</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/80317">apache-tomcat-slowloris-dos(80317)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs72', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs72"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs72">...</li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs72 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3548">CVE-2009-3548</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2009-3548')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36954">36954</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507720/100/0/threaded">20091109 [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded">20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2011-0003.html">http://www.vmware.com/security/advisories/VMSA-2011-0003.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html">http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=139344343412337&amp;w=2">HPSBST02955</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113">HPSBUX02541</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=136485229118404&amp;w=2">HPSBUX02860</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=127420533226623&amp;w=2">SSRT100029</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=133469267822771&amp;w=2">SSRT100825</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://markmail.org/thread/wfu4nff5chvkb6xp">http://markmail.org/thread/wfu4nff5chvkb6xp</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1023146">1023146</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/3185">ADV-2009-3185</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1559">ADV-2010-1559</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/54182">tomcat-admin-default-password(54182)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs73', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs73"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs73">...</li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.4">cpe:/a:apache:tomcat:4.1.4</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.5">cpe:/a:apache:tomcat:4.1.5</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.6">cpe:/a:apache:tomcat:4.1.6</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.7">cpe:/a:apache:tomcat:4.1.7</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.8">cpe:/a:apache:tomcat:4.1.8</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9">cpe:/a:apache:tomcat:4.1.9</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.11">cpe:/a:apache:tomcat:4.1.11</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.13">cpe:/a:apache:tomcat:4.1.13</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.14">cpe:/a:apache:tomcat:4.1.14</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.16">cpe:/a:apache:tomcat:4.1.16</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.17">cpe:/a:apache:tomcat:4.1.17</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.18">cpe:/a:apache:tomcat:4.1.18</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.19">cpe:/a:apache:tomcat:4.1.19</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.20">cpe:/a:apache:tomcat:4.1.20</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.21">cpe:/a:apache:tomcat:4.1.21</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.22">cpe:/a:apache:tomcat:4.1.22</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.23">cpe:/a:apache:tomcat:4.1.23</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.25">cpe:/a:apache:tomcat:4.1.25</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.26">cpe:/a:apache:tomcat:4.1.26</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.27">cpe:/a:apache:tomcat:4.1.27</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.30">cpe:/a:apache:tomcat:4.1.30</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.32">cpe:/a:apache:tomcat:4.1.32</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.33">cpe:/a:apache:tomcat:4.1.33</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.34">cpe:/a:apache:tomcat:4.1.34</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.35">cpe:/a:apache:tomcat:4.1.35</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.37">cpe:/a:apache:tomcat:4.1.37</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.38">cpe:/a:apache:tomcat:4.1.38</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.39">cpe:/a:apache:tomcat:4.1.39</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs73 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2696">CVE-2009-2696</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2009-2696')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to &quot;invalid HTML.&quot; NOTE: this is due to a missing fix for CVE-2009-0781.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=616717">https://bugzilla.redhat.com/show_bug.cgi?id=616717</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0580.html">RHSA-2010:0580</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1986">ADV-2010-1986</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs74"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.39">cpe:/a:apache:tomcat:4.1.39</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0128">CVE-2008-0128</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2008-0128')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27365">27365</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41217">http://issues.apache.org/bugzilla/show_bug.cgi?id=41217</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://security-tracker.debian.net/tracker/CVE-2008-0128">http://security-tracker.debian.net/tracker/CVE-2008-0128</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html">SUSE-SR:2008:005</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0192">ADV-2008-0192</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39804">apache-singlesignon-information-disclosure(39804)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs75"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2449">CVE-2007-2449</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2007-2449')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a &quot;snp/snoop.jsp;&quot; sequence.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html">APPLE-SA-2008-06-30</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24476">24476</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/471351/100/0/threaded">20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT2163">http://support.apple.com/kb/HT2163</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html">FEDORA-2007-3456</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">HPSBUX02262</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:241">MDKSA-2007:241</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0569.html">RHSA-2007:0569</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018245">1018245</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2804">2804</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html">SUSE-SR:2008:007</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html">SUSE-SR:2009:004</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2213">ADV-2007-2213</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1981/references">ADV-2008-1981</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34869">tomcat-example-xss(34869)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs76', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs76"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a>  and all previous versions</li>
                                    <li class="vs76">...</li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a>  and all previous versions</li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs76 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1358">CVE-2007-1358</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2007-1358')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted &quot;Accept-Language headers that do not conform to RFC 2616&quot;.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html">APPLE-SA-2007-07-31</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24524">24524</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25159">25159</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/471719/100/0/threaded">20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=306172">http://docs.info.apple.com/article.html?artnum=306172</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html">http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html">FEDORA-2007-3456</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">HPSBUX02262</a></li>
                                                                            <li>JVN - <a target="_blank" href="http://jvn.jp/jp/JVN%2316535199/index.html">JVN#16535199</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018269">1018269</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1729">ADV-2007-1729</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2732">ADV-2007-2732</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3087">ADV-2007-3087</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs77', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs77"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                    <li class="vs77">...</li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs77 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0450">CVE-2007-0450</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2007-0450')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
                            </p>
                            <p>Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) &quot;/&quot; (slash), (2) &quot;\&quot; (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html">APPLE-SA-2007-07-31</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/22960">22960</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25159">25159</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/462791/100/0/threaded">20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485938/100/0/threaded">20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=306172">http://docs.info.apple.com/article.html?artnum=306172</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html">http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-03.xml">GLSA-200705-03</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">SSRT071447</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:241">MDKSA-2007:241</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/287.html">http://www.sec-consult.com/287.html</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt">http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.vmware.com/pipermail/security-announce/2008/000003.html">[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0327.html">RHSA-2007:0327</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0360.html">RHSA-2007:0360</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2446">2446</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2007_5_sr.html">SUSE-SR:2007:005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2007_15_sr.html">SUSE-SR:2007:015</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/0975">ADV-2007-0975</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2732">ADV-2007-2732</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3087">ADV-2007-3087</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0065">ADV-2008-0065</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/32988">tomcat-proxy-directory-traversal(32988)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs78', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs78"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a>  and all previous versions</li>
                                    <li class="vs78">...</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A%3A%3Awin32">cpe:/a:apache:http_server:::win32</a> </li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a>  and all previous versions</li>
                                                                    <li class="vs78 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7196">CVE-2006-7196</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2006-7196')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25531">25531</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/478491/100/0/threaded">20070904 Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/478609/100/0/threaded">20070905 Re: Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html">SUSE-SR:2008:005</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1729">ADV-2007-1729</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs79', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs79"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                    <li class="vs79">...</li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs79 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4838">CVE-2005-4838</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2005-4838')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065598.html">20070906 Apache Tomcat remote xss</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.oliverkarow.de/research/jakarta556_xss.txt">http://www.oliverkarow.de/research/jakarta556_xss.txt</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=tomcat-dev&amp;m=110476790331536&amp;w=2">[tomcat-dev] 20050103 Re: Fwd: XSS in Jakarta Tomcat 5.5.6</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=tomcat-dev&amp;m=110477195116951&amp;w=2">[tomcat-dev] 20050103 [PATCH jakarta-servletapi-5] Re: Fwd: XSS in Jakarta Tomcat 5.5.6</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1012793">1012793</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/36467">tomcat-functions-xss(36467)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs80"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0808">CVE-2005-0808</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2005-0808')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/12795">12795</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/204710">VU#204710</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html">http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.kb.cert.org/vuls/id/JGEI-6A2LEF">http://www.kb.cert.org/vuls/id/JGEI-6A2LEF</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/19681">tomcat-manager-ajp12-dos(19681)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs81', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs81"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs81">...</li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs81 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0045">CVE-2003-0045</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2003-0045')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/12102">jakarta-tomcat-msdos-dos(12102)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs82', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs82"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs82">...</li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs82 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0044">CVE-2003-0044</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2003-0044')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6720">6720</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11196">tomcat-web-app-xss(11196)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs83', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs83"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs83">...</li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs83 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0043">CVE-2003-0043</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2003-0043')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6722">6722</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11195">tomcat-webxml-read-files(11195)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs84', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs84"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs84">...</li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs84 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0042">CVE-2003-0042</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2003-0042')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6721">6721</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=104394568616290&amp;w=2">20030130 Apache Jakarta Tomcat 3 URL parsing vulnerability</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11194">tomcat-null-directory-listing(11194)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs85', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs85"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs85">...</li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs85 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2006">CVE-2002-2006</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2002-2006')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/4575">4575</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2002-04/0311.html">20020422 Tomcat real path disclosure (2)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/8932.php">tomcat-example-class-information(8932)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs86', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs86"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs86">...</li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs86 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1148">CVE-2002-1148</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2002-1148')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/5786">5786</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=103288242014253&amp;w=2">20020924 JSP source code exposure in Tomcat 4.x</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2002/dsa-170">DSA-170</a></li>
                                                                            <li>HP - <a target="_blank" href="http://online.securityfocus.com/advisories/4758">HPSBUX0212-229</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2002-217.html">RHSA-2002:217</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2002-218.html">RHSA-2002:218</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/10175.php">tomcat-servlet-source-code(10175)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs87', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs87"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs87">...</li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs87 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0493">CVE-2002-0493</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2002-0493')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-254 Security Features
                            </p>
                            <p>Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=101709002410365&amp;w=2">20020325 re: Tomcat Security Exposure</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E">http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/9863.php">tomcat-xml-bypass-restrictions(9863)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs88"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0590">CVE-2001-0590</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2001-0590')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-04/0031.html">20010403 Re: Tomcat may reveal script source code by URL trickery </a></li>
                                                                            <li>HP - <a target="_blank" href="http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-004">HPSBTL0112-004</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/6971.php">jakarta-tomcat-jsp-source(6971)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs89"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1210">CVE-2000-1210</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2000-1210')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=95371672300045&amp;w=2">20000322 Security bug in Apache project: Jakarta Tomcat</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/4205.php">apache-tomcat-file-contents(4205)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs90"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0760">CVE-2000-0760</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2000-0760')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                            </p>
                            <p>The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1532">1532</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000@grex.cyberspace.org">20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs91', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs91"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs91">...</li>
                                                                    <li class="vs91 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs91 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0672">CVE-2000-0672</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-el-api-8.0.39.jar', 'cd9bedd6df6e9729d02bcc07e27bfe832d603a50', 'cve', 'CVE-2000-0672')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1548">1548</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2000-07/0309.html">20000721 Jakarta-tomcat.../admin</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/5160.php">jakarta-tomcat-admin</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs92', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs92"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                    <li class="vs92">...</li>
                                                                    <li class="vs92 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A3.1">cpe:/a:apache:http_server:3.1</a> </li>
                                                                    <li class="vs92 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs92 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l217_cba7eee5fb858d17db7a99dc8f049a45fa91ab73"></a>tomcat-jasper-el-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jasper Expression Language Impl<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-jasper-el\8.0.39\cba7eee5fb858d17db7a99dc8f049a45fa91ab73\tomcat-jasper-el-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;c93f0fd3d736a884bf09d1a2aa3f62f8<br/>
                            <b>SHA1:</b>&nbsp;cba7eee5fb858d17db7a99dc8f049a45fa91ab73
                                                                                </p>
                                                <h4 id="header456" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content456" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-jasper-el</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-jasper-el-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>el</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>parser</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-jasper-el</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jasper Expression Language Impl</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header457" class="subsectionheader white">Identifiers</h4>
                                                <div id="content457" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-jasper-el-8.0.39.jar', 'cba7eee5fb858d17db7a99dc8f049a45fa91ab73', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jasper-el/8.0.39/tomcat-jasper-el-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jasper-el:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l218_11dd04519539203f93441e190386aef56300dd06"></a>tomcat-jasper-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Tomcats JSP Parser<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-jasper\8.0.39\11dd04519539203f93441e190386aef56300dd06\tomcat-jasper-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;06e893260ed1bbeb9644e0f46f5c4f7d<br/>
                            <b>SHA1:</b>&nbsp;11dd04519539203f93441e190386aef56300dd06
                                                                                </p>
                                                <h4 id="header458" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content458" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-jasper</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-jasper-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>compiler</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jasper</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-jasper</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Tomcats JSP Parser</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header459" class="subsectionheader white">Identifiers</h4>
                                                <div id="content459" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-jasper-8.0.39.jar', '11dd04519539203f93441e190386aef56300dd06', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jasper/8.0.39/tomcat-jasper-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jasper:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l219_20ad922054350aac0772a77490ebe1e11d6cb273"></a>tomcat-jni-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Interface code to the native connector<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-jni\8.0.39\20ad922054350aac0772a77490ebe1e11d6cb273\tomcat-jni-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;6f623395febc07ed4ed51f0eacb89df5<br/>
                            <b>SHA1:</b>&nbsp;20ad922054350aac0772a77490ebe1e11d6cb273
                                                                                </p>
                                                <h4 id="header460" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content460" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-jni</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-jni-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jni</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-jni</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Interface code to the native connector</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header461" class="subsectionheader white">Identifiers</h4>
                                                <div id="content461" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-jni-8.0.39.jar', '20ad922054350aac0772a77490ebe1e11d6cb273', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jni/8.0.39/tomcat-jni-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jni:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l220_f7a1bf2373d9d9e030e31a5745be5fda9dca1e45"></a>tomcat-jsp-api-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;JSP package<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-jsp-api\8.0.39\f7a1bf2373d9d9e030e31a5745be5fda9dca1e45\tomcat-jsp-api-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;430bdcc77de8d4c9392374fe2301e12d<br/>
                            <b>SHA1:</b>&nbsp;f7a1bf2373d9d9e030e31a5745be5fda9dca1e45
                                                                                </p>
                                                <h4 id="header462" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content462" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-jsp-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-jsp-api-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jsp</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>servlet</td></tr>
                                                                    <tr><td>manifest: javax/servlet/jsp/</td><td>Implementation-Title</td><td>javax.servlet.jsp</td></tr>
                                                                    <tr><td>manifest: javax/servlet/jsp/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/servlet/jsp/</td><td>Implementation-Version</td><td>2.3.FR</td></tr>
                                                                    <tr><td>manifest: javax/servlet/jsp/</td><td>Specification-Title</td><td>Java API for JavaServer Pages</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-jsp-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>JSP package</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header463" class="subsectionheader white">Identifiers</h4>
                                                <div id="content463" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-jsp-api-8.0.39.jar', 'f7a1bf2373d9d9e030e31a5745be5fda9dca1e45', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-jsp-api/8.0.39/tomcat-jsp-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-jsp-api:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l221_f6fc6863d31cf8ef0d9c0d28a3de35afe712a23b"></a>tomcat-juli-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Tomcat Core Logging Package<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-juli\8.0.39\f6fc6863d31cf8ef0d9c0d28a3de35afe712a23b\tomcat-juli-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;1fe2c4919204d9d96957f1231b8bcd7e<br/>
                            <b>SHA1:</b>&nbsp;f6fc6863d31cf8ef0d9c0d28a3de35afe712a23b
                                                                                </p>
                                                <h4 id="header464" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content464" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-juli</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-juli-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>juli</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-juli</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Tomcat Core Logging Package</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header465" class="subsectionheader white">Identifiers</h4>
                                                <div id="content465" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-juli/8.0.39/tomcat-juli-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-juli:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l222_f122b4ee5a6546132aa2c6b4c059c5b04ccfa623"></a>tomcat-servlet-api-8.0.39.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;javax.servlet package<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">
        Apache License, Version 2.0 and
        Common Development And Distribution License (CDDL) Version 1.0
      :
        http://www.apache.org/licenses/LICENSE-2.0.txt and
        http://www.opensource.org/licenses/cddl1.txt
      </pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-servlet-api\8.0.39\f122b4ee5a6546132aa2c6b4c059c5b04ccfa623\tomcat-servlet-api-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;ce940a1eb73feb5c8d93c23fcff32804<br/>
                            <b>SHA1:</b>&nbsp;f122b4ee5a6546132aa2c6b4c059c5b04ccfa623
                                                                                </p>
                                                <h4 id="header466" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content466" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-servlet-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-servlet-api-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>servlet</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Title</td><td>javax.servlet</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Implementation-Version</td><td>3.1.FR</td></tr>
                                                                    <tr><td>manifest: javax/servlet/</td><td>Specification-Title</td><td>Java API for Servlets</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-servlet-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>javax.servlet package</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header467" class="subsectionheader white">Identifiers</h4>
                                                <div id="content467" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1" target="_blank">cpe:/a:apache:tomcat:3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:MEDIUM
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cpe', 'cpe:/a:apache:tomcat:3.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-servlet-api/8.0.39/tomcat-servlet-api-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-servlet-api:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header468" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content468" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0119">CVE-2014-0119</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2014-0119')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67669">67669</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1588193">http://svn.apache.org/viewvc?view=revision&revision=1588193</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1588199">http://svn.apache.org/viewvc?view=revision&revision=1588199</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589640">http://svn.apache.org/viewvc?view=revision&revision=1589640</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589837">http://svn.apache.org/viewvc?view=revision&revision=1589837</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589980">http://svn.apache.org/viewvc?view=revision&revision=1589980</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589983">http://svn.apache.org/viewvc?view=revision&revision=1589983</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589985">http://svn.apache.org/viewvc?view=revision&revision=1589985</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589990">http://svn.apache.org/viewvc?view=revision&revision=1589990</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589992">http://svn.apache.org/viewvc?view=revision&revision=1589992</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1589997">http://svn.apache.org/viewvc?view=revision&revision=1589997</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1590028">http://svn.apache.org/viewvc?view=revision&revision=1590028</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1590036">http://svn.apache.org/viewvc?view=revision&revision=1590036</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1593815">http://svn.apache.org/viewvc?view=revision&revision=1593815</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1593821">http://svn.apache.org/viewvc?view=revision&revision=1593821</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html">http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3552">DSA-3552</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/May/141">20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030298">1030298</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs93', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs93"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs93">...</li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.53">cpe:/a:apache:tomcat:7.0.53</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                    <li class="vs93 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.5">cpe:/a:apache:tomcat:8.0.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0099">CVE-2014-0099</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2014-0099')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67668">67668</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/532221/100/0/threaded">20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/532218/100/0/threaded">20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578812">http://svn.apache.org/viewvc?view=revision&revision=1578812</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578814">http://svn.apache.org/viewvc?view=revision&revision=1578814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1580473">http://svn.apache.org/viewvc?view=revision&revision=1580473</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680603">http://www-01.ibm.com/support/docview.wss?uid=swg21680603</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030302">1030302</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs94', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs94"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs94">...</li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs94 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0096">CVE-2014-0096</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2014-0096')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67667">67667</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578610">http://svn.apache.org/viewvc?view=revision&revision=1578610</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578611">http://svn.apache.org/viewvc?view=revision&revision=1578611</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578637">http://svn.apache.org/viewvc?view=revision&revision=1578637</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578655">http://svn.apache.org/viewvc?view=revision&revision=1578655</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1585853">http://svn.apache.org/viewvc?view=revision&revision=1585853</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.novell.com/support/kb/doc.php?id=7010166">http://www.novell.com/support/kb/doc.php?id=7010166</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3552">DSA-3552</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/May/135">20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030301">1030301</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs95', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs95"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs95">...</li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs95 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0075">CVE-2014-0075</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2014-0075')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/67671">67671</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0268.html">http://advisories.mageia.org/MGASA-2014-0268.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://linux.oracle.com/errata/ELSA-2014-0865.html">http://linux.oracle.com/errata/ELSA-2014-0865.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578337">http://svn.apache.org/viewvc?view=revision&revision=1578337</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1578341">http://svn.apache.org/viewvc?view=revision&revision=1578341</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1579262">http://svn.apache.org/viewvc?view=revision&revision=1579262</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680603">http://www-01.ibm.com/support/docview.wss?uid=swg21680603</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681528">http://www-01.ibm.com/support/docview.wss?uid=swg21681528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.novell.com/support/kb/doc.php?id=7010166">http://www.novell.com/support/kb/doc.php?id=7010166</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html">FEDORA-2015-2109</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141017844705317&amp;w=2">SSRT101681</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:053">MDVSA-2015:053</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0675.html">RHSA-2015:0675</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0720.html">RHSA-2015:0720</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2015-0765.html">RHSA-2015:0765</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59121">59121</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs96', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs96"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                    <li class="vs96">...</li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.39">cpe:/a:apache:tomcat:6.0.39</a>  and all previous versions</li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.47">cpe:/a:apache:tomcat:7.0.47</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.48">cpe:/a:apache:tomcat:7.0.48</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.49">cpe:/a:apache:tomcat:7.0.49</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.52">cpe:/a:apache:tomcat:7.0.52</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc10">cpe:/a:apache:tomcat:8.0.0:rc10</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.1">cpe:/a:apache:tomcat:8.0.1</a> </li>
                                                                    <li class="vs96 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.3">cpe:/a:apache:tomcat:8.0.3</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6357">CVE-2013-6357</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2013-6357')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that &quot;the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator.&quot;
                                                                    <ul>
                                                                            <li>MISC - <a target="_blank" href="http://www.webapp-security.com/wp-content/uploads/2013/11/Apache-Tomcat-5.5.25-CSRF-Vulnerabilities.txt">http://www.webapp-security.com/wp-content/uploads/2013/11/Apache-Tomcat-5.5.25-CSRF-Vulnerabilities.txt</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs97', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs97"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs97">...</li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs97 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4590">CVE-2013-4590</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2013-4590')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain &quot;Tomcat internals&quot; information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65768">65768</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549528">http://svn.apache.org/viewvc?view=revision&revision=1549528</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549529">http://svn.apache.org/viewvc?view=revision&revision=1549529</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1558828">http://svn.apache.org/viewvc?view=revision&revision=1558828</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069911">https://bugzilla.redhat.com/show_bug.cgi?id=1069911</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs98', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs98"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs98">...</li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc3">cpe:/a:apache:tomcat:8.0.0:rc3</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc4">cpe:/a:apache:tomcat:8.0.0:rc4</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc6">cpe:/a:apache:tomcat:8.0.0:rc6</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc7">cpe:/a:apache:tomcat:8.0.0:rc7</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc8">cpe:/a:apache:tomcat:8.0.0:rc8</a> </li>
                                                                    <li class="vs98 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc9">cpe:/a:apache:tomcat:8.0.0:rc9</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4444">CVE-2013-4444</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2013-4444')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')
                            </p>
                            <p>Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/69728">69728</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-09/0075.html">20140910 CVE-2013-4444 Remote Code Execution in Apache Tomcat</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3447">DSA-3447</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/10/24/12">[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1030834">1030834</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs99', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs99"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                    <li class="vs99">...</li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs99 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4322">CVE-2013-4322</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2013-4322')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65767">65767</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521834">http://svn.apache.org/viewvc?view=revision&revision=1521834</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521864">http://svn.apache.org/viewvc?view=revision&revision=1521864</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549522">http://svn.apache.org/viewvc?view=revision&revision=1549522</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1549523">http://svn.apache.org/viewvc?view=revision&revision=1549523</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1556540">http://svn.apache.org/viewvc?view=revision&revision=1556540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678113">http://www-01.ibm.com/support/docview.wss?uid=swg21678113</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0008.html">http://www.vmware.com/security/advisories/VMSA-2014-0008.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069905">https://bugzilla.redhat.com/show_bug.cgi?id=1069905</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:084">MDVSA-2015:084</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="https://rhn.redhat.com/errata/RHSA-2014-0686.html">RHSA-2014:0686</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs100', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs100"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs100">...</li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.50">cpe:/a:apache:tomcat:7.0.50</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc3">cpe:/a:apache:tomcat:8.0.0:rc3</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc4">cpe:/a:apache:tomcat:8.0.0:rc4</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc5">cpe:/a:apache:tomcat:8.0.0:rc5</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc6">cpe:/a:apache:tomcat:8.0.0:rc6</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc7">cpe:/a:apache:tomcat:8.0.0:rc7</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc8">cpe:/a:apache:tomcat:8.0.0:rc8</a> </li>
                                                                    <li class="vs100 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc9">cpe:/a:apache:tomcat:8.0.0:rc9</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4286">CVE-2013-4286</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2013-4286')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a &quot;Transfer-Encoding: chunked&quot; header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65773">65773</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2014-0148.html">http://advisories.mageia.org/MGASA-2014-0148.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521829">http://svn.apache.org/viewvc?view=revision&revision=1521829</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1521854">http://svn.apache.org/viewvc?view=revision&revision=1521854</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1552565">http://svn.apache.org/viewvc?view=revision&revision=1552565</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21667883">http://www-01.ibm.com/support/docview.wss?uid=swg21667883</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21675886">http://www-01.ibm.com/support/docview.wss?uid=swg21675886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677147">http://www-01.ibm.com/support/docview.wss?uid=swg21677147</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678113">http://www-01.ibm.com/support/docview.wss?uid=swg21678113</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21678231">http://www-01.ibm.com/support/docview.wss?uid=swg21678231</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html">http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html">http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2014-0012.html">http://www.vmware.com/security/advisories/VMSA-2014-0012.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1069921">https://bugzilla.redhat.com/show_bug.cgi?id=1069921</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013">https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3530">DSA-3530</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Dec/23">20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=144498216801440&amp;w=2">HPSBOV03503</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=141390017113542&amp;w=2">HPSBUX03150</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:052">MDVSA-2015:052</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0343.html">RHSA-2014:0343</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0344.html">RHSA-2014:0344</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0345.html">RHSA-2014:0345</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="https://rhn.redhat.com/errata/RHSA-2014-0686.html">RHSA-2014:0686</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs101', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs101"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs101">...</li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4">cpe:/a:apache:tomcat:4</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5">cpe:/a:apache:tomcat:5</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6">cpe:/a:apache:tomcat:6</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.36">cpe:/a:apache:tomcat:6.0.36</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.37">cpe:/a:apache:tomcat:6.0.37</a>  and all previous versions</li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.24">cpe:/a:apache:tomcat:7.0.24</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.26">cpe:/a:apache:tomcat:7.0.26</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.27">cpe:/a:apache:tomcat:7.0.27</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.29">cpe:/a:apache:tomcat:7.0.29</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.30">cpe:/a:apache:tomcat:7.0.30</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.31">cpe:/a:apache:tomcat:7.0.31</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.32">cpe:/a:apache:tomcat:7.0.32</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.33">cpe:/a:apache:tomcat:7.0.33</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.34">cpe:/a:apache:tomcat:7.0.34</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.35">cpe:/a:apache:tomcat:7.0.35</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.36">cpe:/a:apache:tomcat:7.0.36</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.37">cpe:/a:apache:tomcat:7.0.37</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.38">cpe:/a:apache:tomcat:7.0.38</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.40">cpe:/a:apache:tomcat:7.0.40</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.41">cpe:/a:apache:tomcat:7.0.41</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.42">cpe:/a:apache:tomcat:7.0.42</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.43">cpe:/a:apache:tomcat:7.0.43</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.44">cpe:/a:apache:tomcat:7.0.44</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.45">cpe:/a:apache:tomcat:7.0.45</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.46">cpe:/a:apache:tomcat:7.0.46</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc1">cpe:/a:apache:tomcat:8.0.0:rc1</a> </li>
                                                                    <li class="vs101 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A8.0.0%3Arc2">cpe:/a:apache:tomcat:8.0.0:rc2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2185">CVE-2013-2185</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2013-2185')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
                                                                    <ul>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2013/09/05/4">[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2014/10/24/12">[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1193.html">RHSA-2013:1193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1194.html">RHSA-2013:1194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-1265.html">RHSA-2013:1265</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs102', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs102"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                    <li class="vs102">...</li>
                                                                    <li class="vs102 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.39">cpe:/a:apache:tomcat:7.0.39</a>  and all previous versions</li>
                                                                    <li class="vs102 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A6.1.0">cpe:/a:redhat:jboss_enterprise_application_platform:6.1.0</a> </li>
                                                                    <li class="vs102 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_portal_platform%3A6.0.0">cpe:/a:redhat:jboss_enterprise_portal_platform:6.0.0</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5568">CVE-2012-5568</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2012-5568')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/56686">56686</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=880011">https://bugzilla.redhat.com/show_bug.cgi?id=880011</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/">http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://openwall.com/lists/oss-security/2012/11/26/2">[oss-security] 20121125 Re: CVE Request: slowloris for tomcat</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147776.html">[users] 20090619 How does Tomcat handle a slow HTTP DoS?</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc2147779.html">[users] 20090620 Re: How does Tomcat handle a slow HTTP DoS?</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html">openSUSE-SU-2012:1700</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html">openSUSE-SU-2012:1701</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html">openSUSE-SU-2013:0147</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/80317">apache-tomcat-slowloris-dos(80317)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs103', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs103"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs103">...</li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A1.1.3">cpe:/a:apache:tomcat:1.1.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.29">cpe:/a:apache:tomcat:5.5.29</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.30">cpe:/a:apache:tomcat:5.5.30</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.31">cpe:/a:apache:tomcat:5.5.31</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.32">cpe:/a:apache:tomcat:5.5.32</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.33">cpe:/a:apache:tomcat:5.5.33</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.34">cpe:/a:apache:tomcat:5.5.34</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.35">cpe:/a:apache:tomcat:5.5.35</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0%3Aalpha">cpe:/a:apache:tomcat:6.0.0:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1%3Aalpha">cpe:/a:apache:tomcat:6.0.1:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Aalpha">cpe:/a:apache:tomcat:6.0.2:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2%3Abeta">cpe:/a:apache:tomcat:6.0.2:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4%3Aalpha">cpe:/a:apache:tomcat:6.0.4:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6%3Aalpha">cpe:/a:apache:tomcat:6.0.6:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Aalpha">cpe:/a:apache:tomcat:6.0.7:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7%3Abeta">cpe:/a:apache:tomcat:6.0.7:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8%3Aalpha">cpe:/a:apache:tomcat:6.0.8:alpha</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9%3Abeta">cpe:/a:apache:tomcat:6.0.9:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.19">cpe:/a:apache:tomcat:6.0.19</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.24">cpe:/a:apache:tomcat:6.0.24</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.26">cpe:/a:apache:tomcat:6.0.26</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.27">cpe:/a:apache:tomcat:6.0.27</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.28">cpe:/a:apache:tomcat:6.0.28</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.29">cpe:/a:apache:tomcat:6.0.29</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.30">cpe:/a:apache:tomcat:6.0.30</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.31">cpe:/a:apache:tomcat:6.0.31</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.32">cpe:/a:apache:tomcat:6.0.32</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.33">cpe:/a:apache:tomcat:6.0.33</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.35">cpe:/a:apache:tomcat:6.0.35</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0">cpe:/a:apache:tomcat:7.0.0</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.0%3Abeta">cpe:/a:apache:tomcat:7.0.0:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.1">cpe:/a:apache:tomcat:7.0.1</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2">cpe:/a:apache:tomcat:7.0.2</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.2%3Abeta">cpe:/a:apache:tomcat:7.0.2:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.3">cpe:/a:apache:tomcat:7.0.3</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4">cpe:/a:apache:tomcat:7.0.4</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.4%3Abeta">cpe:/a:apache:tomcat:7.0.4:beta</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.5">cpe:/a:apache:tomcat:7.0.5</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.6">cpe:/a:apache:tomcat:7.0.6</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.7">cpe:/a:apache:tomcat:7.0.7</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.8">cpe:/a:apache:tomcat:7.0.8</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.9">cpe:/a:apache:tomcat:7.0.9</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.10">cpe:/a:apache:tomcat:7.0.10</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.11">cpe:/a:apache:tomcat:7.0.11</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.12">cpe:/a:apache:tomcat:7.0.12</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.13">cpe:/a:apache:tomcat:7.0.13</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.14">cpe:/a:apache:tomcat:7.0.14</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.15">cpe:/a:apache:tomcat:7.0.15</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.16">cpe:/a:apache:tomcat:7.0.16</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.17">cpe:/a:apache:tomcat:7.0.17</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.18">cpe:/a:apache:tomcat:7.0.18</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.19">cpe:/a:apache:tomcat:7.0.19</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.20">cpe:/a:apache:tomcat:7.0.20</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.21">cpe:/a:apache:tomcat:7.0.21</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.22">cpe:/a:apache:tomcat:7.0.22</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.23">cpe:/a:apache:tomcat:7.0.23</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.25">cpe:/a:apache:tomcat:7.0.25</a> </li>
                                                                    <li class="vs103 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A7.0.28">cpe:/a:apache:tomcat:7.0.28</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3548">CVE-2009-3548</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2009-3548')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36954">36954</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507720/100/0/threaded">20091109 [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded">20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2011-0003.html">http://www.vmware.com/security/advisories/VMSA-2011-0003.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html">http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=139344343412337&amp;w=2">HPSBST02955</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113">HPSBUX02541</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=136485229118404&amp;w=2">HPSBUX02860</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=127420533226623&amp;w=2">SSRT100029</a></li>
                                                                            <li>HP - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=133469267822771&amp;w=2">SSRT100825</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://markmail.org/thread/wfu4nff5chvkb6xp">http://markmail.org/thread/wfu4nff5chvkb6xp</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1023146">1023146</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/3185">ADV-2009-3185</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1559">ADV-2010-1559</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/54182">tomcat-admin-default-password(54182)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs104', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs104"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs104">...</li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.1">cpe:/a:apache:tomcat:4.1.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.2">cpe:/a:apache:tomcat:4.1.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3">cpe:/a:apache:tomcat:4.1.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.4">cpe:/a:apache:tomcat:4.1.4</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.5">cpe:/a:apache:tomcat:4.1.5</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.6">cpe:/a:apache:tomcat:4.1.6</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.7">cpe:/a:apache:tomcat:4.1.7</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.8">cpe:/a:apache:tomcat:4.1.8</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9">cpe:/a:apache:tomcat:4.1.9</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.11">cpe:/a:apache:tomcat:4.1.11</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.12">cpe:/a:apache:tomcat:4.1.12</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.13">cpe:/a:apache:tomcat:4.1.13</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.14">cpe:/a:apache:tomcat:4.1.14</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.15">cpe:/a:apache:tomcat:4.1.15</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.16">cpe:/a:apache:tomcat:4.1.16</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.17">cpe:/a:apache:tomcat:4.1.17</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.18">cpe:/a:apache:tomcat:4.1.18</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.19">cpe:/a:apache:tomcat:4.1.19</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.20">cpe:/a:apache:tomcat:4.1.20</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.21">cpe:/a:apache:tomcat:4.1.21</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.22">cpe:/a:apache:tomcat:4.1.22</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.23">cpe:/a:apache:tomcat:4.1.23</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.24">cpe:/a:apache:tomcat:4.1.24</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.25">cpe:/a:apache:tomcat:4.1.25</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.26">cpe:/a:apache:tomcat:4.1.26</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.27">cpe:/a:apache:tomcat:4.1.27</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.28">cpe:/a:apache:tomcat:4.1.28</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.29">cpe:/a:apache:tomcat:4.1.29</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.30">cpe:/a:apache:tomcat:4.1.30</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.32">cpe:/a:apache:tomcat:4.1.32</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.33">cpe:/a:apache:tomcat:4.1.33</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.34">cpe:/a:apache:tomcat:4.1.34</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.35">cpe:/a:apache:tomcat:4.1.35</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.37">cpe:/a:apache:tomcat:4.1.37</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.38">cpe:/a:apache:tomcat:4.1.38</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.39">cpe:/a:apache:tomcat:4.1.39</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.23">cpe:/a:apache:tomcat:5.5.23</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.24">cpe:/a:apache:tomcat:5.5.24</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.25">cpe:/a:apache:tomcat:5.5.25</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.26">cpe:/a:apache:tomcat:5.5.26</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.27">cpe:/a:apache:tomcat:5.5.27</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.28">cpe:/a:apache:tomcat:5.5.28</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0">cpe:/a:apache:tomcat:6.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.14">cpe:/a:apache:tomcat:6.0.14</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.15">cpe:/a:apache:tomcat:6.0.15</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.16">cpe:/a:apache:tomcat:6.0.16</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.17">cpe:/a:apache:tomcat:6.0.17</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.18">cpe:/a:apache:tomcat:6.0.18</a> </li>
                                                                    <li class="vs104 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.20">cpe:/a:apache:tomcat:6.0.20</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2696">CVE-2009-2696</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2009-2696')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to &quot;invalid HTML.&quot; NOTE: this is due to a missing fix for CVE-2009-0781.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=616717">https://bugzilla.redhat.com/show_bug.cgi?id=616717</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0580.html">RHSA-2010:0580</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1986">ADV-2010-1986</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs105"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.39">cpe:/a:apache:tomcat:4.1.39</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0128">CVE-2008-0128</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2008-0128')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27365">27365</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/bugzilla/show_bug.cgi?id=41217">http://issues.apache.org/bugzilla/show_bug.cgi?id=41217</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://security-tracker.debian.net/tracker/CVE-2008-0128">http://security-tracker.debian.net/tracker/CVE-2008-0128</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html">SUSE-SR:2008:005</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0192">ADV-2008-0192</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39804">apache-singlesignon-information-disclosure(39804)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs106"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2449">CVE-2007-2449</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2007-2449')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a &quot;snp/snoop.jsp;&quot; sequence.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html">APPLE-SA-2008-06-30</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24476">24476</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/471351/100/0/threaded">20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT2163">http://support.apple.com/kb/HT2163</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html">FEDORA-2007-3456</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">HPSBUX02262</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:241">MDKSA-2007:241</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0569.html">RHSA-2007:0569</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018245">1018245</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2804">2804</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html">SUSE-SR:2008:007</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html">SUSE-SR:2009:004</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2213">ADV-2007-2213</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1981/references">ADV-2008-1981</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34869">tomcat-example-xss(34869)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs107', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs107"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a>  and all previous versions</li>
                                    <li class="vs107">...</li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.36">cpe:/a:apache:tomcat:4.1.36</a>  and all previous versions</li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.0">cpe:/a:apache:tomcat:6.0.0</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.1">cpe:/a:apache:tomcat:6.0.1</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.2">cpe:/a:apache:tomcat:6.0.2</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.3">cpe:/a:apache:tomcat:6.0.3</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.4">cpe:/a:apache:tomcat:6.0.4</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.5">cpe:/a:apache:tomcat:6.0.5</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.6">cpe:/a:apache:tomcat:6.0.6</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.7">cpe:/a:apache:tomcat:6.0.7</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.8">cpe:/a:apache:tomcat:6.0.8</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.10">cpe:/a:apache:tomcat:6.0.10</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.11">cpe:/a:apache:tomcat:6.0.11</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.12">cpe:/a:apache:tomcat:6.0.12</a> </li>
                                                                    <li class="vs107 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.13">cpe:/a:apache:tomcat:6.0.13</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1358">CVE-2007-1358</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2007-1358')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted &quot;Accept-Language headers that do not conform to RFC 2616&quot;.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html">APPLE-SA-2007-07-31</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24524">24524</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25159">25159</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/471719/100/0/threaded">20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=306172">http://docs.info.apple.com/article.html?artnum=306172</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html">http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html">FEDORA-2007-3456</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">HPSBUX02262</a></li>
                                                                            <li>JVN - <a target="_blank" href="http://jvn.jp/jp/JVN%2316535199/index.html">JVN#16535199</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018269">1018269</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1729">ADV-2007-1729</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2732">ADV-2007-2732</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3087">ADV-2007-3087</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs108', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs108"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                    <li class="vs108">...</li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs108 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0450">CVE-2007-0450</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2007-0450')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
                            </p>
                            <p>Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) &quot;/&quot; (slash), (2) &quot;\&quot; (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html">APPLE-SA-2007-07-31</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/22960">22960</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25159">25159</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/462791/100/0/threaded">20070314 SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485938/100/0/threaded">20080108 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=306172">http://docs.info.apple.com/article.html?artnum=306172</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-6.html">http://tomcat.apache.org/security-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html">http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-03.xml">GLSA-200705-03</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795">SSRT071447</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:241">MDKSA-2007:241</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/287.html">http://www.sec-consult.com/287.html</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt">http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.vmware.com/pipermail/security-announce/2008/000003.html">[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0327.html">RHSA-2007:0327</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0360.html">RHSA-2007:0360</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2446">2446</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2007_5_sr.html">SUSE-SR:2007:005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2007_15_sr.html">SUSE-SR:2007:015</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/0975">ADV-2007-0975</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/2732">ADV-2007-2732</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3087">ADV-2007-3087</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3386">ADV-2007-3386</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0065">ADV-2008-0065</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/32988">tomcat-proxy-directory-traversal(32988)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs109', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs109"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a>  and all previous versions</li>
                                    <li class="vs109">...</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A%3A%3Awin32">cpe:/a:apache:http_server:::win32</a> </li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.16">cpe:/a:apache:tomcat:5.5.16</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.17">cpe:/a:apache:tomcat:5.5.17</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.18">cpe:/a:apache:tomcat:5.5.18</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.19">cpe:/a:apache:tomcat:5.5.19</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.20">cpe:/a:apache:tomcat:5.5.20</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.21">cpe:/a:apache:tomcat:5.5.21</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.22">cpe:/a:apache:tomcat:5.5.22</a>  and all previous versions</li>
                                                                    <li class="vs109 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A6.0.9">cpe:/a:apache:tomcat:6.0.9</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7196">CVE-2006-7196</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2006-7196')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25531">25531</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/478491/100/0/threaded">20070904 Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/478609/100/0/threaded">20070905 Re: Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded">20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded">20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx">http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540">http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html">SUSE-SR:2008:005</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1729">ADV-2007-1729</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0233">ADV-2009-0233</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs110', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs110"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                    <li class="vs110">...</li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.5">cpe:/a:apache:tomcat:4.0.5</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.6">cpe:/a:apache:tomcat:4.0.6</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.31">cpe:/a:apache:tomcat:4.1.31</a>  and all previous versions</li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.0">cpe:/a:apache:tomcat:5.0.0</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.1">cpe:/a:apache:tomcat:5.0.1</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.2">cpe:/a:apache:tomcat:5.0.2</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.3">cpe:/a:apache:tomcat:5.0.3</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.4">cpe:/a:apache:tomcat:5.0.4</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.5">cpe:/a:apache:tomcat:5.0.5</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.6">cpe:/a:apache:tomcat:5.0.6</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.7">cpe:/a:apache:tomcat:5.0.7</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.8">cpe:/a:apache:tomcat:5.0.8</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.9">cpe:/a:apache:tomcat:5.0.9</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.10">cpe:/a:apache:tomcat:5.0.10</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.11">cpe:/a:apache:tomcat:5.0.11</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.12">cpe:/a:apache:tomcat:5.0.12</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.13">cpe:/a:apache:tomcat:5.0.13</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.14">cpe:/a:apache:tomcat:5.0.14</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.15">cpe:/a:apache:tomcat:5.0.15</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.16">cpe:/a:apache:tomcat:5.0.16</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.17">cpe:/a:apache:tomcat:5.0.17</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.18">cpe:/a:apache:tomcat:5.0.18</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.19">cpe:/a:apache:tomcat:5.0.19</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.21">cpe:/a:apache:tomcat:5.0.21</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.22">cpe:/a:apache:tomcat:5.0.22</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.23">cpe:/a:apache:tomcat:5.0.23</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.24">cpe:/a:apache:tomcat:5.0.24</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.25">cpe:/a:apache:tomcat:5.0.25</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.26">cpe:/a:apache:tomcat:5.0.26</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.27">cpe:/a:apache:tomcat:5.0.27</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.28">cpe:/a:apache:tomcat:5.0.28</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.29">cpe:/a:apache:tomcat:5.0.29</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.0.30">cpe:/a:apache:tomcat:5.0.30</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.0">cpe:/a:apache:tomcat:5.5.0</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.1">cpe:/a:apache:tomcat:5.5.1</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.2">cpe:/a:apache:tomcat:5.5.2</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.3">cpe:/a:apache:tomcat:5.5.3</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.4">cpe:/a:apache:tomcat:5.5.4</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.5">cpe:/a:apache:tomcat:5.5.5</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.7">cpe:/a:apache:tomcat:5.5.7</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.8">cpe:/a:apache:tomcat:5.5.8</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.9">cpe:/a:apache:tomcat:5.5.9</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.10">cpe:/a:apache:tomcat:5.5.10</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.11">cpe:/a:apache:tomcat:5.5.11</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.12">cpe:/a:apache:tomcat:5.5.12</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.13">cpe:/a:apache:tomcat:5.5.13</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.14">cpe:/a:apache:tomcat:5.5.14</a> </li>
                                                                    <li class="vs110 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.15">cpe:/a:apache:tomcat:5.5.15</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4838">CVE-2005-4838</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2005-4838')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-5.html">http://tomcat.apache.org/security-5.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065598.html">20070906 Apache Tomcat remote xss</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.oliverkarow.de/research/jakarta556_xss.txt">http://www.oliverkarow.de/research/jakarta556_xss.txt</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=tomcat-dev&amp;m=110476790331536&amp;w=2">[tomcat-dev] 20050103 Re: Fwd: XSS in Jakarta Tomcat 5.5.6</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=tomcat-dev&amp;m=110477195116951&amp;w=2">[tomcat-dev] 20050103 [PATCH jakarta-servletapi-5] Re: Fwd: XSS in Jakarta Tomcat 5.5.6</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0261.html">RHSA-2008:0261</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2008-0630.html">RHSA-2008:0630</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1012793">1012793</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/36467">tomcat-functions-xss(36467)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs111"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A5.5.6">cpe:/a:apache:tomcat:5.5.6</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0808">CVE-2005-0808</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2005-0808')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/12795">12795</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/204710">VU#204710</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html">http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.kb.cert.org/vuls/id/JGEI-6A2LEF">http://www.kb.cert.org/vuls/id/JGEI-6A2LEF</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/19681">tomcat-manager-ajp12-dos(19681)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs112', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs112"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs112">...</li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs112 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0045">CVE-2003-0045</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2003-0045')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/12102">jakarta-tomcat-msdos-dos(12102)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs113', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs113"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs113">...</li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs113 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0044">CVE-2003-0044</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2003-0044')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6720">6720</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11196">tomcat-web-app-xss(11196)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs114', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs114"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs114">...</li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs114 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1a">cpe:/a:apache:tomcat:3.3.1a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0043">CVE-2003-0043</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2003-0043')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6722">6722</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11195">tomcat-webxml-read-files(11195)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs115', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs115"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs115">...</li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs115 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0042">CVE-2003-0042</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2003-0042')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/6721">6721</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=104394568616290&amp;w=2">20030130 Apache Jakarta Tomcat 3 URL parsing vulnerability</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/n-060.shtml">N-060</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt">http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2003/dsa-246">DSA-246</a></li>
                                                                            <li>HP - <a target="_blank" href="http://www.securityfocus.com/advisories/5111">HPSBUX0303-249</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/11194">tomcat-null-directory-listing(11194)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs116', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs116"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs116">...</li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs116 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2006">CVE-2002-2006</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2002-2006')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/4575">4575</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2002-04/0311.html">20020422 Tomcat real path disclosure (2)</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://tomcat.apache.org/security-4.html">http://tomcat.apache.org/security-4.html</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1">239312</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1979/references">ADV-2008-1979</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/8932.php">tomcat-example-class-information(8932)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs117', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs117"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs117">...</li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs117 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1148">CVE-2002-1148</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2002-1148')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/5786">5786</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=103288242014253&amp;w=2">20020924 JSP source code exposure in Tomcat 4.x</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2002/dsa-170">DSA-170</a></li>
                                                                            <li>HP - <a target="_blank" href="http://online.securityfocus.com/advisories/4758">HPSBUX0212-229</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2002-217.html">RHSA-2002:217</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2002-218.html">RHSA-2002:218</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/10175.php">tomcat-servlet-source-code(10175)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs118', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs118"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs118">...</li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1.1">cpe:/a:apache:tomcat:3.1.1</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2">cpe:/a:apache:tomcat:3.2</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.1">cpe:/a:apache:tomcat:3.2.1</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2%3Abeta2">cpe:/a:apache:tomcat:3.2.2:beta2</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.3">cpe:/a:apache:tomcat:3.2.3</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.4">cpe:/a:apache:tomcat:3.2.4</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3">cpe:/a:apache:tomcat:3.3</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.1">cpe:/a:apache:tomcat:3.3.1</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.0">cpe:/a:apache:tomcat:4.0.0</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.1">cpe:/a:apache:tomcat:4.0.1</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.2">cpe:/a:apache:tomcat:4.0.2</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.3">cpe:/a:apache:tomcat:4.0.3</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.0.4">cpe:/a:apache:tomcat:4.0.4</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.0">cpe:/a:apache:tomcat:4.1.0</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.3%3Abeta">cpe:/a:apache:tomcat:4.1.3:beta</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.9%3Abeta">cpe:/a:apache:tomcat:4.1.9:beta</a> </li>
                                                                    <li class="vs118 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A4.1.10">cpe:/a:apache:tomcat:4.1.10</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0493">CVE-2002-0493</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2002-0493')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-254 Security Features
                            </p>
                            <p>Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=101709002410365&amp;w=2">20020325 re: Tomcat Security Exposure</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E">http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/9863.php">tomcat-xml-bypass-restrictions(9863)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs119"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.3.2">cpe:/a:apache:tomcat:3.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0590">CVE-2001-0590</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2001-0590')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-04/0031.html">20010403 Re: Tomcat may reveal script source code by URL trickery </a></li>
                                                                            <li>HP - <a target="_blank" href="http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-004">HPSBTL0112-004</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/6971.php">jakarta-tomcat-jsp-source(6971)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs120"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.2.2">cpe:/a:apache:tomcat:3.2.2</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1210">CVE-2000-1210</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2000-1210')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=95371672300045&amp;w=2">20000322 Security bug in Apache project: Jakarta Tomcat</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/4205.php">apache-tomcat-file-contents(4205)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs121"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0760">CVE-2000-0760</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2000-0760')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                            </p>
                            <p>The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1532">1532</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000@grex.cyberspace.org">20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs122', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs122"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs122">...</li>
                                                                    <li class="vs122 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs122 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0759">CVE-2000-0759</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2000-0759')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
                            </p>
                            <p>Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1531">1531</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719184401.17782A-100000@grex.cyberspace.org">20000719 [LoWNOISE] Tomcat 3.1 Path Revealing Problem.</a></li>
                                                                            <li>XF - <a target="_blank" href="http://www.iss.net/security_center/static/4967.php">tomcat-error-path-reveal(4967)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs123"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0672">CVE-2000-0672</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('tomcat-servlet-api-8.0.39.jar', 'f122b4ee5a6546132aa2c6b4c059c5b04ccfa623', 'cve', 'CVE-2000-0672')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/1548">1548</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2000-07/0309.html">20000721 Jakarta-tomcat.../admin</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/5160.php">jakarta-tomcat-admin</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs124', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs124"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                    <li class="vs124">...</li>
                                                                    <li class="vs124 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A3.1">cpe:/a:apache:http_server:3.1</a> </li>
                                                                    <li class="vs124 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.0">cpe:/a:apache:tomcat:3.0</a> </li>
                                                                    <li class="vs124 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Atomcat%3A3.1">cpe:/a:apache:tomcat:3.1</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l223_1cfffdddee4a753b25435c0b634d0f2b50df54e6"></a>tomcat-tribes-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Tomcat Group Communication Package<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-tribes\8.0.39\1cfffdddee4a753b25435c0b634d0f2b50df54e6\tomcat-tribes-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;8ff9faabbdf9d6977d3e61c178728bdf<br/>
                            <b>SHA1:</b>&nbsp;1cfffdddee4a753b25435c0b634d0f2b50df54e6
                                                                                </p>
                                                <h4 id="header469" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content469" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-tribes</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-tribes-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>catalina</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tribes</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-tribes</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Tomcat Group Communication Package</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header470" class="subsectionheader white">Identifiers</h4>
                                                <div id="content470" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-tribes-8.0.39.jar', '1cfffdddee4a753b25435c0b634d0f2b50df54e6', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-tribes/8.0.39/tomcat-tribes-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-tribes:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l224_2d8f5be75d4edd7c29022e0cb0e0ccf1d00147aa"></a>tomcat-util-scan-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Common code shared by Catalina and Jasper for scanning JARS and processing
    XML descriptors
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-util-scan\8.0.39\2d8f5be75d4edd7c29022e0cb0e0ccf1d00147aa\tomcat-util-scan-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;4f8bff7bd3df9a408eee68e68b17aa57<br/>
                            <b>SHA1:</b>&nbsp;2d8f5be75d4edd7c29022e0cb0e0ccf1d00147aa
                                                                                </p>
                                                <h4 id="header471" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content471" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-util-scan</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-util-scan-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>descriptor</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tomcat</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-util-scan</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Common code shared by Catalina and Jasper for scanning JARS and processing XML descriptors </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header472" class="subsectionheader white">Identifiers</h4>
                                                <div id="content472" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-util-scan-8.0.39.jar', '2d8f5be75d4edd7c29022e0cb0e0ccf1d00147aa', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-util-scan/8.0.39/tomcat-util-scan-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-util-scan:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l225_83729054653fa3aad57818c68f1cc491022bc814"></a>tomcat-util-8.0.39.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Common code shared by multiple Tomcat components<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.tomcat\tomcat-util\8.0.39\83729054653fa3aad57818c68f1cc491022bc814\tomcat-util-8.0.39.jar<br/>
                            <b>MD5:</b>&nbsp;b4b2410e0d53e32f0a3ba6ed1e6ce37a<br/>
                            <b>SHA1:</b>&nbsp;83729054653fa3aad57818c68f1cc491022bc814
                                                                                </p>
                                                <h4 id="header473" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content473" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tomcat-util</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.tomcat</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tomcat-util-8.0.39</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>8.0.39</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tomcat</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>8.0.39</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tomcat-util</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Common code shared by multiple Tomcat components</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.tomcat</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tomcat.apache.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>8.0.39</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header474" class="subsectionheader white">Identifiers</h4>
                                                <div id="content474" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tomcat:8.0.39
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('tomcat-util-8.0.39.jar', '83729054653fa3aad57818c68f1cc491022bc814', 'cpe', 'cpe:/a:apache:tomcat:8.0.39')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/tomcat/tomcat-util/8.0.39/tomcat-util-8.0.39.jar" target="_blank">org.apache.tomcat:tomcat-util:8.0.39</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l226_ffed89bc39eb7fce6b74765b3417c6844d8003a2"></a>woden-core-1.0M10.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Woden project is a subproject of the Apache Web Services Project to      develop a Java class library for reading, manipulating, creating and writing WSDL documents,      initially to support WSDL 2.0 but with the longer term aim of supporting past, present and      future versions of WSDL.      There are two main deliverables: an API and an implementation. The Woden API consists of      a set of Java interfaces. The WSDL 2.0-specific portion of the Woden API conforms to the      W3C WSDL 2.0 specification. The implementation will be a high performance implementation      directly usable in other Apache projects such as Axis2.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.woden\woden-core\1.0M10\ffed89bc39eb7fce6b74765b3417c6844d8003a2\woden-core-1.0M10.jar<br/>
                            <b>MD5:</b>&nbsp;7b04937efc02bbc6cb0b73afb5d48b78<br/>
                            <b>SHA1:</b>&nbsp;ffed89bc39eb7fce6b74765b3417c6844d8003a2
                                                                                </p>
                                                <h4 id="header475" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content475" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>woden-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.woden</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0M10</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>woden-core-1.0M10</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.m10</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Woden project is a subproject of the Apache Web Services Project to develop a Java class library for reading, manipulating, creating and writing WSDL documents, initially to support WSDL 2.0 but with the longer term aim of supporting past, present and future versions of WSDL. There are two main deliverables: an API and an implementation. The Woden API consists of a set of Java interfaces. The WSDL 2.0-specific portion of the Woden API conforms to the W3C WSDL 2.0 specification. The implementation will be a high performance implementation directly usable in other Apache projects ...</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Woden - Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.woden.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.0M10</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache Woden</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0M10</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Apache Woden</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>woden-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.woden</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Woden - Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>woden</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.woden</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0M10</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header476" class="subsectionheader white">Identifiers</h4>
                                                <div id="content476" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ffed89bc39eb7fce6b74765b3417c6844d8003a2%22" target="_blank">org.apache.woden:woden-core:1.0M10</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l227_aaf2a6028822dd3d55a4221188ecb73d4c9e219a"></a>axiom-api-1.2.17.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Axiom API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.axiom\axiom-api\1.2.17\aaf2a6028822dd3d55a4221188ecb73d4c9e219a\axiom-api-1.2.17.jar<br/>
                            <b>MD5:</b>&nbsp;08d711e7f682e7afca6a6eeeacf182a3<br/>
                            <b>SHA1:</b>&nbsp;aaf2a6028822dd3d55a4221188ecb73d4c9e219a
                                                                                </p>
                                                <h4 id="header477" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content477" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>axiom-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.17</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>axiom-api-1.2.17</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.17</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The Axiom API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Axiom API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.ws.commons.axiom.axiom-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.17</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Axiom API</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.2.17</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.5))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Axiom API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>axiom-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Axiom API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Axiom API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>axiom</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/axiom/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header478" class="subsectionheader white">Identifiers</h4>
                                                <div id="content478" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22aaf2a6028822dd3d55a4221188ecb73d4c9e219a%22" target="_blank">org.apache.ws.commons.axiom:axiom-api:1.2.17</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l228_6df316d52cfd9efc4ee155b4dff0125769af1580"></a>axiom-impl-1.2.17.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The default implementation of the Axiom API.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.axiom\axiom-impl\1.2.17\6df316d52cfd9efc4ee155b4dff0125769af1580\axiom-impl-1.2.17.jar<br/>
                            <b>MD5:</b>&nbsp;e2b43e00fe26ceb31432a903d99b4766<br/>
                            <b>SHA1:</b>&nbsp;6df316d52cfd9efc4ee155b4dff0125769af1580
                                                                                </p>
                                                <h4 id="header479" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content479" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>axiom-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.17</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>axiom-impl-1.2.17</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.17</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>axiom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>impl</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The default implementation of the Axiom API.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>LLOM</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.ws.commons.axiom.axiom-impl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.17</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.5))&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>axiom-impl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The default implementation of the Axiom API.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>LLOM</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>implementations</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header480" class="subsectionheader white">Identifiers</h4>
                                                <div id="content480" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/ws/commons/axiom/axiom-impl/1.2.17/axiom-impl-1.2.17.jar" target="_blank">org.apache.ws.commons.axiom:axiom-impl:1.2.17</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l229_42e8d4b4f2f941ab0b50240e6b096a1151221003"></a>axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/core-aspects/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.axiom\axiom-impl\1.2.17\6df316d52cfd9efc4ee155b4dff0125769af1580\axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/core-aspects/pom.xml<br/>
                            <b>MD5:</b>&nbsp;578ca70e0a265fd5b1515eea14e67efb<br/>
                            <b>SHA1:</b>&nbsp;42e8d4b4f2f941ab0b50240e6b096a1151221003
                                                                                </p>
                                                <h4 id="header481" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content481" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>core-aspects</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Core Aspects</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>aspects</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/axiom/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header482" class="subsectionheader white">Identifiers</h4>
                                                <div id="content482" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.apache.ws.commons.axiom:core-aspects:1.2.17
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l230_2e08c15bd701460f07711311fad5785ecf7ad861"></a>axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/om-aspects/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Contains aspects and implementation classes shared by LLOM and DOOM.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.axiom\axiom-impl\1.2.17\6df316d52cfd9efc4ee155b4dff0125769af1580\axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/om-aspects/pom.xml<br/>
                            <b>MD5:</b>&nbsp;be5411f23abad2369eb94ad64622bb54<br/>
                            <b>SHA1:</b>&nbsp;2e08c15bd701460f07711311fad5785ecf7ad861
                                                                                </p>
                                                <h4 id="header483" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content483" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>om-aspects</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Contains aspects and implementation classes shared by LLOM and DOOM.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>OM Aspects</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>aspects</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/axiom/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header484" class="subsectionheader white">Identifiers</h4>
                                                <div id="content484" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.apache.ws.commons.axiom:om-aspects:1.2.17
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l231_bbe62a1404feb5cc8f9a7babbd7a12d50479144b"></a>axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/shared-aspects/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
        Contains mixins for methods that are shared between DOM and Axiom.
    <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.axiom\axiom-impl\1.2.17\6df316d52cfd9efc4ee155b4dff0125769af1580\axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/shared-aspects/pom.xml<br/>
                            <b>MD5:</b>&nbsp;ea8a4489f8026ca7b879fae7de636afd<br/>
                            <b>SHA1:</b>&nbsp;bbe62a1404feb5cc8f9a7babbd7a12d50479144b
                                                                                </p>
                                                <h4 id="header485" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content485" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>shared-aspects</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
        Contains mixins for methods that are shared between DOM and Axiom.
    </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Shared Aspects</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>aspects</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/axiom/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header486" class="subsectionheader white">Identifiers</h4>
                                                <div id="content486" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.apache.ws.commons.axiom:shared-aspects:1.2.17
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l232_dac902cf3a5280076d8a92fc9a421fe15e23a1e6"></a>axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/xml-utils/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.axiom\axiom-impl\1.2.17\6df316d52cfd9efc4ee155b4dff0125769af1580\axiom-impl-1.2.17.jar\META-INF/maven/org.apache.ws.commons.axiom/xml-utils/pom.xml<br/>
                            <b>MD5:</b>&nbsp;76d0bf22e109300e6a67875c5781f659<br/>
                            <b>SHA1:</b>&nbsp;dac902cf3a5280076d8a92fc9a421fe15e23a1e6
                                                                                </p>
                                                <h4 id="header487" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content487" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xml-utils</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>components</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.commons.axiom</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/axiom/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.17</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header488" class="subsectionheader white">Identifiers</h4>
                                                <div id="content488" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.apache.ws.commons.axiom:xml-utils:1.2.17
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l233_3f478e6def772c19d1053f61198fa1f6a6119238"></a>ws-commons-util-1.0.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
      This is a small collection of utility classes, that allow high performance XML
      processing based on SAX. Basically, it is assumed, that you are using an JAXP
      1.1 compliant XML parser and nothing else. In particular, no dependency on the
      javax.xml.transform package is introduced.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.commons.util\ws-commons-util\1.0.2\3f478e6def772c19d1053f61198fa1f6a6119238\ws-commons-util-1.0.2.jar<br/>
                            <b>MD5:</b>&nbsp;e0d2efe441e2dec803c7749c10725f61<br/>
                            <b>SHA1:</b>&nbsp;3f478e6def772c19d1053f61198fa1f6a6119238
                                                                                </p>
                                                <h4 id="header489" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content489" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ws-commons-util</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ws.commons.util</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ws-commons-util-1.0.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>commons</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ws</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ws-commons-util</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> This is a small collection of utility classes, that allow high performance XML processing based on SAX. Basically, it is assumed, that you are using an JAXP 1.1 compliant XML parser and nothing else. In particular, no dependency on the javax.xml.transform package is introduced. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.commons.util</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache WebServices Common Utilities</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://ws.apache.org/commons/util</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header490" class="subsectionheader white">Identifiers</h4>
                                                <div id="content490" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%223f478e6def772c19d1053f61198fa1f6a6119238%22" target="_blank">org.apache.ws.commons.util:ws-commons-util:1.0.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l234_02eff1f3776590d4c51cc735eab2143c497329f2"></a>xmlschema-core-2.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Commons XMLSchema is a light weight schema object model that can be used to manipulate or
        generate XML schema.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.ws.xmlschema\xmlschema-core\2.2.1\2eff1f3776590d4c51cc735eab2143c497329f2\xmlschema-core-2.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;bab3d98961f361b5e66dbcdadaad1ecf<br/>
                            <b>SHA1:</b>&nbsp;02eff1f3776590d4c51cc735eab2143c497329f2
                                                                                </p>
                                                <h4 id="header491" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content491" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlschema-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.ws.xmlschema</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlschema-core-2.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.2.1</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Commons XMLSchema is a light weight schema object model that can be used to manipulate or generate XML schema.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://ws.apache.org/xmlschema/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>XmlSchema Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.ws.xmlschema.core</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.2.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlschema-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Commons XMLSchema is a light weight schema object model that can be used to manipulate or generate XML schema.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.ws.xmlschema</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XmlSchema Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>xmlschema</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.ws.xmlschema</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header492" class="subsectionheader white">Identifiers</h4>
                                                <div id="content492" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2202eff1f3776590d4c51cc735eab2143c497329f2%22" target="_blank">org.apache.ws.xmlschema:xmlschema-core:2.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l235_29e80d2dd51f9dcdef8f9ffaee0d4dc1c9bbfc87"></a>xmlbeans-2.6.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;XmlBeans main jar<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlbeans\xmlbeans\2.6.0\29e80d2dd51f9dcdef8f9ffaee0d4dc1c9bbfc87\xmlbeans-2.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;6591c08682d613194dacb01e95c78c2c<br/>
                            <b>SHA1:</b>&nbsp;29e80d2dd51f9dcdef8f9ffaee0d4dc1c9bbfc87
                                                                                </p>
                                                <h4 id="header493" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content493" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlbeans</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlbeans</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlbeans-2.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>impl</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xmlbeans</td></tr>
                                                                    <tr><td>manifest: org/apache/xmlbeans/</td><td>Implementation-Title</td><td>org.apache.xmlbeans</td></tr>
                                                                    <tr><td>manifest: org/apache/xmlbeans/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xmlbeans/</td><td>Implementation-Version</td><td>2.6.0-r1364789</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlbeans</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>XmlBeans main jar</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlbeans</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XmlBeans</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://xmlbeans.apache.org/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlbeans.apache.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header494" class="subsectionheader white">Identifiers</h4>
                                                <div id="content494" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlbeans/xmlbeans/2.6.0/xmlbeans-2.6.0.jar" target="_blank">org.apache.xmlbeans:xmlbeans:2.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l236_68197dfa3643a906ba250025a03dc42e6efe2dec"></a>batik-anim-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-anim\1.8\68197dfa3643a906ba250025a03dc42e6efe2dec\batik-anim-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;2df85ee1fb9645c9ace7a13505b7f860<br/>
                            <b>SHA1:</b>&nbsp;68197dfa3643a906ba250025a03dc42e6efe2dec
                                                                                </p>
                                                <h4 id="header495" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content495" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-anim</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-anim-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>anim</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik animation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-anim</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik animation engine</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header496" class="subsectionheader white">Identifiers</h4>
                                                <div id="content496" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-anim-1.8.jar', '68197dfa3643a906ba250025a03dc42e6efe2dec', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-anim/1.8/batik-anim-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-anim:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l237_5cd7f97060cdfab0139e70504962d48ceee71ef2"></a>batik-awt-util-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-awt-util\1.8\5cd7f97060cdfab0139e70504962d48ceee71ef2\batik-awt-util-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;920f49ba45ad671a3827771ffb8271e9<br/>
                            <b>SHA1:</b>&nbsp;5cd7f97060cdfab0139e70504962d48ceee71ef2
                                                                                </p>
                                                <h4 id="header497" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content497" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-awt-util</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-awt-util-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>awt</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ext</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik AWT utility library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-awt-util</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik AWT utilities</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header498" class="subsectionheader white">Identifiers</h4>
                                                <div id="content498" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-awt-util-1.8.jar', '5cd7f97060cdfab0139e70504962d48ceee71ef2', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-awt-util/1.8/batik-awt-util-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-awt-util:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l238_4ab4110b0ed4650ef50d4a344f0ca5c027f3283a"></a>batik-bridge-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-bridge\1.8\4ab4110b0ed4650ef50d4a344f0ca5c027f3283a\batik-bridge-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;ad81e06a8bfa1a6fe323fdf9ae062122<br/>
                            <b>SHA1:</b>&nbsp;4ab4110b0ed4650ef50d4a344f0ca5c027f3283a
                                                                                </p>
                                                <h4 id="header499" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content499" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-bridge</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-bridge-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bridge</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik bridge</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-bridge</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik bridge classes</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header500" class="subsectionheader white">Identifiers</h4>
                                                <div id="content500" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-bridge-1.8.jar', '4ab4110b0ed4650ef50d4a344f0ca5c027f3283a', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-bridge/1.8/batik-bridge-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-bridge:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l239_2b3f22cc65702a0821b7f0178d055282a1cdde59"></a>batik-css-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-css\1.8\2b3f22cc65702a0821b7f0178d055282a1cdde59\batik-css-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;958c61e42f99ef67d3c91dcb57defc4d<br/>
                            <b>SHA1:</b>&nbsp;2b3f22cc65702a0821b7f0178d055282a1cdde59
                                                                                </p>
                                                <h4 id="header501" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content501" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-css</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-css-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>css</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>engine</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik CSS engine</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-css</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik CSS engine</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header502" class="subsectionheader white">Identifiers</h4>
                                                <div id="content502" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-css-1.8.jar', '2b3f22cc65702a0821b7f0178d055282a1cdde59', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-css/1.8/batik-css-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-css:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l240_4e696cf01cee52e8c4f86c842b5d8314e689209c"></a>batik-dom-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-dom\1.8\4e696cf01cee52e8c4f86c842b5d8314e689209c\batik-dom-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;c65a43a99108aa892f0824982f7f2560<br/>
                            <b>SHA1:</b>&nbsp;4e696cf01cee52e8c4f86c842b5d8314e689209c
                                                                                </p>
                                                <h4 id="header503" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content503" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-dom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-dom-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik DOM Level 3 implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-dom</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik DOM implementation</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header504" class="subsectionheader white">Identifiers</h4>
                                                <div id="content504" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-dom-1.8.jar', '4e696cf01cee52e8c4f86c842b5d8314e689209c', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-dom/1.8/batik-dom-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-dom:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l241_8713f3238cfac337624a90c3ad7d45d7bc6fb1b5"></a>batik-ext-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-ext\1.8\8713f3238cfac337624a90c3ad7d45d7bc6fb1b5\batik-ext-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;a5d1350e2df7e272efe0dc446d757754<br/>
                            <b>SHA1:</b>&nbsp;8713f3238cfac337624a90c3ad7d45d7bc6fb1b5
                                                                                </p>
                                                <h4 id="header505" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content505" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-ext</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-ext-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>events</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150529-122732-WEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik external code</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-ext</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik external code</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header506" class="subsectionheader white">Identifiers</h4>
                                                <div id="content506" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-ext-1.8.jar', '8713f3238cfac337624a90c3ad7d45d7bc6fb1b5', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-ext/1.8/batik-ext-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-ext:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l242_c5e9e1f07a65c89d2be92fd63e1b0f64357a46db"></a>batik-extension-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-extension\1.8\c5e9e1f07a65c89d2be92fd63e1b0f64357a46db\batik-extension-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;d4a1e2f096fac94ee6363a1e2caf121e<br/>
                            <b>SHA1:</b>&nbsp;c5e9e1f07a65c89d2be92fd63e1b0f64357a46db
                                                                                </p>
                                                <h4 id="header507" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content507" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-extension</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-extension-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>extension</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svg</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik extensions</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-extension</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik extension classes</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header508" class="subsectionheader white">Identifiers</h4>
                                                <div id="content508" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-extension-1.8.jar', 'c5e9e1f07a65c89d2be92fd63e1b0f64357a46db', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-extension/1.8/batik-extension-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-extension:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l243_fbde4cd3c43001c162446cf43093d09fda346e11"></a>batik-gvt-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-gvt\1.8\fbde4cd3c43001c162446cf43093d09fda346e11\batik-gvt-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;b8396b47285335c1622b4eb4854d406b<br/>
                            <b>SHA1:</b>&nbsp;fbde4cd3c43001c162446cf43093d09fda346e11
                                                                                </p>
                                                <h4 id="header509" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content509" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-gvt</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-gvt-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>gvt</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik GVT library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-gvt</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik GVT (Graphics Vector Tree)</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header510" class="subsectionheader white">Identifiers</h4>
                                                <div id="content510" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-gvt-1.8.jar', 'fbde4cd3c43001c162446cf43093d09fda346e11', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-gvt/1.8/batik-gvt-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-gvt:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l244_86ec4ab0c828b570d0ccbeba14f85ac011a333f2"></a>batik-parser-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-parser\1.8\86ec4ab0c828b570d0ccbeba14f85ac011a333f2\batik-parser-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;153e8de1747f7b02b29711d831e01ebd<br/>
                            <b>SHA1:</b>&nbsp;86ec4ab0c828b570d0ccbeba14f85ac011a333f2
                                                                                </p>
                                                <h4 id="header511" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content511" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-parser-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>parser</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik parser library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                        <h4 id="header512" class="subsectionheader white">Identifiers</h4>
                                                <div id="content512" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-parser-1.8.jar', '86ec4ab0c828b570d0ccbeba14f85ac011a333f2', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l245_5bda6a9d45065b184c83c46b64d8002b4e0ab7c7"></a>batik-script-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-script\1.8\5bda6a9d45065b184c83c46b64d8002b4e0ab7c7\batik-script-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;a53bc33be936b54252b8e1f40efb9367<br/>
                            <b>SHA1:</b>&nbsp;5bda6a9d45065b184c83c46b64d8002b4e0ab7c7
                                                                                </p>
                                                <h4 id="header513" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content513" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-script</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-script-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>script</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik script library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-script</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik scripting language classes</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header514" class="subsectionheader white">Identifiers</h4>
                                                <div id="content514" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-script-1.8.jar', '5bda6a9d45065b184c83c46b64d8002b4e0ab7c7', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-script/1.8/batik-script-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-script:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l246_97c9d00d08c849066d2359b0f1124f0e82b952c2"></a>batik-svg-dom-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-svg-dom\1.8\97c9d00d08c849066d2359b0f1124f0e82b952c2\batik-svg-dom-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;e8f73ff8c0885f891b0378a417f993a5<br/>
                            <b>SHA1:</b>&nbsp;97c9d00d08c849066d2359b0f1124f0e82b952c2
                                                                                </p>
                                                <h4 id="header515" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content515" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-svg-dom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-svg-dom-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svg</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik SVG DOM implementation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-svg-dom</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik SVG DOM implementation</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header516" class="subsectionheader white">Identifiers</h4>
                                                <div id="content516" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-svg-dom-1.8.jar', '97c9d00d08c849066d2359b0f1124f0e82b952c2', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-svg-dom/1.8/batik-svg-dom-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-svg-dom:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l247_c4684e18303e931845df704f9b9f6995fd770789"></a>batik-svggen-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-svggen\1.8\c4684e18303e931845df704f9b9f6995fd770789\batik-svggen-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;5272d658db91a797d03e5786083e5689<br/>
                            <b>SHA1:</b>&nbsp;c4684e18303e931845df704f9b9f6995fd770789
                                                                                </p>
                                                <h4 id="header517" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content517" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-svggen</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-svggen-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svggen</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik SVG generator</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-svggen</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik Java2D SVG generator</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header518" class="subsectionheader white">Identifiers</h4>
                                                <div id="content518" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-svggen-1.8.jar', 'c4684e18303e931845df704f9b9f6995fd770789', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-svggen/1.8/batik-svggen-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-svggen:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l248_f330b3e9946ff21ddf3ea6d4f58ae44145cfd362"></a>batik-transcoder-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-transcoder\1.8\f330b3e9946ff21ddf3ea6d4f58ae44145cfd362\batik-transcoder-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;64b8ece1cf1cbff76684ec370dbfd48b<br/>
                            <b>SHA1:</b>&nbsp;f330b3e9946ff21ddf3ea6d4f58ae44145cfd362
                                                                                </p>
                                                <h4 id="header519" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content519" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-transcoder</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-transcoder-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>transcoder</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik transcoder</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-transcoder</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik SVG transcoder classes</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header520" class="subsectionheader white">Identifiers</h4>
                                                <div id="content520" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-transcoder-1.8.jar', 'f330b3e9946ff21ddf3ea6d4f58ae44145cfd362', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-transcoder/1.8/batik-transcoder-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-transcoder:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l249_35dcd204f397d6976290ca48ffa0011ba9b7ef43"></a>batik-util-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-util\1.8\35dcd204f397d6976290ca48ffa0011ba9b7ef43\batik-util-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;f57ff00419b0776fbf670b8126fd06ad<br/>
                            <b>SHA1:</b>&nbsp;35dcd204f397d6976290ca48ffa0011ba9b7ef43
                                                                                </p>
                                                <h4 id="header521" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content521" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-util</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-util-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik utility library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-util</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik utility library</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header522" class="subsectionheader white">Identifiers</h4>
                                                <div id="content522" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-util-1.8.jar', '35dcd204f397d6976290ca48ffa0011ba9b7ef43', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-util/1.8/batik-util-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-util:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l250_9bf0ee759fed1e3a2e4ad41819eac69ff4873732"></a>batik-xml-1.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\batik-xml\1.8\9bf0ee759fed1e3a2e4ad41819eac69ff4873732\batik-xml-1.8.jar<br/>
                            <b>MD5:</b>&nbsp;9728f9f46fbff6617f9c63b84a092ffb<br/>
                            <b>SHA1:</b>&nbsp;9bf0ee759fed1e3a2e4ad41819eac69ff4873732
                                                                                </p>
                                                <h4 id="header523" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content523" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-xml</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-xml-1.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20150508-154433-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik XML utility library</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-xml</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Batik XML utility library</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/batik/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header524" class="subsectionheader white">Identifiers</h4>
                                                <div id="content524" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-xml-1.8.jar', '9bf0ee759fed1e3a2e4ad41819eac69ff4873732', 'cpe', 'cpe:/a:apache:batik:1.8')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/batik-xml/1.8/batik-xml-1.8.jar" target="_blank">org.apache.xmlgraphics:batik-xml:1.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l251_c78a1013a5de5b49a3fb1c6f3289940f44554cb6"></a>fop-2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Apache FOP (Formatting Objects Processor) is the world's first print formatter driven by XSL formatting objects (XSL-FO) and the world's first output independent formatter. It is a Java application that reads a formatting object (FO) tree and renders the resulting pages to a specified output. Output formats currently supported include PDF, PCL, PS, AFP, TIFF, PNG, SVG, XML (area tree representation), Print, AWT and TXT. The primary output target is PDF.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\fop\2.1\c78a1013a5de5b49a3fb1c6f3289940f44554cb6\fop-2.1.jar<br/>
                            <b>MD5:</b>&nbsp;11e45408cf99ad38fc20ff27df44ceef<br/>
                            <b>SHA1:</b>&nbsp;c78a1013a5de5b49a3fb1c6f3289940f44554cb6
                                                                                </p>
                                                <h4 id="header525" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content525" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>fop</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>fop-2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>fop</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20160107-141346-GMT</td></tr>
                                                                    <tr><td>manifest: org/apache/fop/</td><td>Implementation-Title</td><td>Apache FOP</td></tr>
                                                                    <tr><td>manifest: org/apache/fop/</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/fop/)</td></tr>
                                                                    <tr><td>manifest: org/apache/fop/</td><td>Implementation-Version</td><td>2.1</td></tr>
                                                                    <tr><td>manifest: org/apache/fop/</td><td>Specification-Title</td><td>XSL-FO - Extensible Stylesheet Language</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>fop</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Apache FOP (Formatting Objects Processor) is the world's first print formatter driven by XSL formatting objects (XSL-FO) and the world's first output independent formatter. It is a Java application that reads a formatting object (FO) tree and renders the resulting pages to a specified output. Output formats currently supported include PDF, PCL, PS, AFP, TIFF, PNG, SVG, XML (area tree representation), Print, AWT and TXT. The primary output target is PDF.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache FOP</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/fop/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header526" class="subsectionheader white">Identifiers</h4>
                                                <div id="content526" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/fop/2.1/fop-2.1.jar" target="_blank">org.apache.xmlgraphics:fop:2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l252_b61132defe1df4e91c1eb0ddf544958c50d358b5"></a>xmlgraphics-commons-2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Apache XML Graphics Commons is a library that consists of several reusable
    components used by Apache Batik and Apache FOP. Many of these components
    can easily be used separately outside the domains of SVG and XSL-FO.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlgraphics\xmlgraphics-commons\2.1\b61132defe1df4e91c1eb0ddf544958c50d358b5\xmlgraphics-commons-2.1.jar<br/>
                            <b>MD5:</b>&nbsp;ed394303ec89fd0604c98208f96a2c2f<br/>
                            <b>SHA1:</b>&nbsp;b61132defe1df4e91c1eb0ddf544958c50d358b5
                                                                                </p>
                                                <h4 id="header527" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content527" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlgraphics-commons</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlgraphics</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlgraphics-commons-2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xmlgraphics</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20160114-143249-GMT</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Apache XML Graphics Commons</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlgraphics-commons</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlgraphics</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache XML Graphics Commons</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xmlgraphics.apache.org/commons/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header528" class="subsectionheader white">Identifiers</h4>
                                                <div id="content528" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:2.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('xmlgraphics-commons-2.1.jar', 'b61132defe1df4e91c1eb0ddf544958c50d358b5', 'cpe', 'cpe:/a:apache:batik:2.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/xmlgraphics/xmlgraphics-commons/2.1/xmlgraphics-commons-2.1.jar" target="_blank">org.apache.xmlgraphics:xmlgraphics-commons:2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l253_ca8c57a1c4abc23b75b15ad636b4d20274f021c2"></a>xmlrpc-client-3.1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlrpc\xmlrpc-client\3.1.2\ca8c57a1c4abc23b75b15ad636b4d20274f021c2\xmlrpc-client-3.1.2.jar<br/>
                            <b>MD5:</b>&nbsp;b2da22fd59a0a6c8cf412f6f50d9880c<br/>
                            <b>SHA1:</b>&nbsp;ca8c57a1c4abc23b75b15ad636b4d20274f021c2
                                                                                </p>
                                                <h4 id="header529" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content529" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlrpc-client</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlrpc-client-3.1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.xmlrpc.client</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>XML-RPC</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>UserLand Software, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlrpc-client</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache XML-RPC Client Library</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header530" class="subsectionheader white">Identifiers</h4>
                                                <div id="content530" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ca8c57a1c4abc23b75b15ad636b4d20274f021c2%22" target="_blank">org.apache.xmlrpc:xmlrpc-client:3.1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l254_a8b0084839aee2f48113b3dc2517b8022a5fbc0f"></a>xmlrpc-common-3.1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlrpc\xmlrpc-common\3.1.2\a8b0084839aee2f48113b3dc2517b8022a5fbc0f\xmlrpc-common-3.1.2.jar<br/>
                            <b>MD5:</b>&nbsp;4037cace113e54ff20222a43cdc4b65d<br/>
                            <b>SHA1:</b>&nbsp;a8b0084839aee2f48113b3dc2517b8022a5fbc0f
                                                                                </p>
                                                <h4 id="header531" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content531" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlrpc-common</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlrpc-common-3.1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>XML-RPC</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>UserLand Software, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlrpc-common</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache XML-RPC Common Library</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header532" class="subsectionheader white">Identifiers</h4>
                                                <div id="content532" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a8b0084839aee2f48113b3dc2517b8022a5fbc0f%22" target="_blank">org.apache.xmlrpc:xmlrpc-common:3.1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l255_7e5123995d009129af3dfc663d2ec91c6541bf98"></a>xmlrpc-server-3.1.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.xmlrpc\xmlrpc-server\3.1.2\7e5123995d009129af3dfc663d2ec91c6541bf98\xmlrpc-server-3.1.2.jar<br/>
                            <b>MD5:</b>&nbsp;04e884ead785a63e4ff8bc98f1f961f7<br/>
                            <b>SHA1:</b>&nbsp;7e5123995d009129af3dfc663d2ec91c6541bf98
                                                                                </p>
                                                <h4 id="header533" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content533" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlrpc-server</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlrpc-server-3.1.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.apache.xmlrpc.server</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>XML-RPC</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>UserLand Software, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlrpc-server</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache XML-RPC Server Library</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache.xmlrpc</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header534" class="subsectionheader white">Identifiers</h4>
                                                <div id="content534" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%227e5123995d009129af3dfc663d2ec91c6541bf98%22" target="_blank">org.apache.xmlrpc:xmlrpc-server:3.1.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l256_01b2502e29da1ebaade2357cd1de35a855fa3755"></a>zookeeper-3.4.6.jar</h3>
                    <div class="subsectioncontent">
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.apache.zookeeper\zookeeper\3.4.6\1b2502e29da1ebaade2357cd1de35a855fa3755\zookeeper-3.4.6.jar<br/>
                            <b>MD5:</b>&nbsp;7d01d317c717268725896cfb81b18152<br/>
                            <b>SHA1:</b>&nbsp;01b2502e29da1ebaade2357cd1de35a855fa3755
                                                                                </p>
                                                <h4 id="header535" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content535" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>zookeeper</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.apache.zookeeper</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.4.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>zookeeper-3.4.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.4.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>zookeeper</td></tr>
                                                                    <tr><td>Manifest</td><td>built-at</td><td>02/23/2014 17:18 GMT</td></tr>
                                                                    <tr><td>Manifest</td><td>built-on</td><td>fpj-Virtual-Machine</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://hadoop.apache.org/zookeeper</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ZooKeeper Bundle</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.hadoop.zookeeper</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.4.6</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>org.apache.zookeeper</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.4.6-1569965</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>zookeeper</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>apache.zookeeper</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.4.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header536" class="subsectionheader white">Identifiers</h4>
                                                <div id="content536" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:zookeeper:3.4.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('zookeeper-3.4.6.jar', '01b2502e29da1ebaade2357cd1de35a855fa3755', 'cpe', 'cpe:/a:apache:zookeeper:3.4.6')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/apache/zookeeper/zookeeper/3.4.6/zookeeper-3.4.6.jar" target="_blank">org.apache.zookeeper:zookeeper:3.4.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header537" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content537" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085">CVE-2014-0085</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('zookeeper-3.4.6.jar', '01b2502e29da1ebaade2357cd1de35a855fa3755', 'cve', 'CVE-2014-0085')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1067265">https://bugzilla.redhat.com/show_bug.cgi?id=1067265</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs125', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs125"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Azookeeper%3A-">cpe:/a:apache:zookeeper:-</a> </li>
                                    <li class="vs125">...</li>
                                                                    <li class="vs125 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Azookeeper%3A-">cpe:/a:apache:zookeeper:-</a> </li>
                                                                    <li class="vs125 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_fuse%3A6.0.0">cpe:/a:redhat:jboss_fuse:6.0.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l257_302d0fe0abba26bbf5f31c3cd5337b3125c744e3"></a>aspectjrt-1.8.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The runtime needed to execute a program using AspectJ<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.aspectj\aspectjrt\1.8.0\302d0fe0abba26bbf5f31c3cd5337b3125c744e3\aspectjrt-1.8.0.jar<br/>
                            <b>MD5:</b>&nbsp;038daf8a4723e6f34cdd2cad7e023e4f<br/>
                            <b>SHA1:</b>&nbsp;302d0fe0abba26bbf5f31c3cd5337b3125c744e3
                                                                                </p>
                                                <h4 id="header538" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content538" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>aspectjrt</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.aspectj</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>aspectjrt-1.8.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>aspectj</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lang</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>reflect</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Implementation-Title</td><td>org.aspectj.tools</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Implementation-Vendor</td><td>aspectj.org</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Implementation-Version</td><td>1.8.0</td></tr>
                                                                    <tr><td>manifest: org/aspectj/lang/</td><td>Specification-Title</td><td>AspectJ Runtime Classes </td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>aspectjrt</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The runtime needed to execute a program using AspectJ</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>aspectj</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>AspectJ runtime</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.aspectj.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header539" class="subsectionheader white">Identifiers</h4>
                                                <div id="content539" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/aspectj/aspectjrt/1.8.0/aspectjrt-1.8.0.jar" target="_blank">org.aspectj:aspectjrt:1.8.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l258_495e25a99e29970ffe8ba0b1d551e1d1a9991fc1"></a>bsh-core-2.0b4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;BeanShell core<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.beanshell\bsh-core\2.0b4\495e25a99e29970ffe8ba0b1d551e1d1a9991fc1\bsh-core-2.0b4.jar<br/>
                            <b>MD5:</b>&nbsp;bab431f0908fde87034f0c34c6cf1e30<br/>
                            <b>SHA1:</b>&nbsp;495e25a99e29970ffe8ba0b1d551e1d1a9991fc1
                                                                                </p>
                                                <h4 id="header540" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content540" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bsh-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.beanshell</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0b4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bsh-core-2.0b4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.b4</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bsh</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Pat Niemeyer (pat@pat.net)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.0b4 2005-05-23 11:49:20</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>BeanShell core</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>http://www.beanshell.org/</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bsh-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>BeanShell core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>beanshell</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>BeanShell core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>beanshell</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.beanshell</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0b4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header541" class="subsectionheader white">Identifiers</h4>
                                                <div id="content541" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/beanshell/bsh-core/2.0b4/bsh-core-2.0b4.jar" target="_blank">org.beanshell:bsh-core:2.0b4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l259_4995a870400e1554d1c7ed2afcb5d198fae12db9"></a>bcmail-jdk15on-1.52.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Bouncy Castle Licence: http://www.bouncycastle.org/licence.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.bouncycastle\bcmail-jdk15on\1.52\4995a870400e1554d1c7ed2afcb5d198fae12db9\bcmail-jdk15on-1.52.jar<br/>
                            <b>MD5:</b>&nbsp;858597d61d2398a895c612f9df913dae<br/>
                            <b>SHA1:</b>&nbsp;4995a870400e1554d1c7ed2afcb5d198fae12db9
                                                                                </p>
                                                <h4 id="header542" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content542" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bcmail-jdk15on</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.52</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bcmail-jdk15on-1.52</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.52</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bouncycastle</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mail</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>smime</td></tr>
                                                                    <tr><td>Manifest</td><td>application-library-allowable-codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>application-name</td><td>Bouncy Castle S/MIME API</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>bcmail</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>bcmail</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.52</td></tr>
                                                                    <tr><td>Manifest</td><td>caller-allowable-codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.bouncycastle.bcmail</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.52.0.0</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>24.75-b04 (Oracle Corporation)</td></tr>
                                                                    <tr><td>Manifest</td><td>permissions</td><td>all-permissions</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bcmail-jdk15on</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Bouncy Castle S/MIME API</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.bouncycastle.org/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.52</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header543" class="subsectionheader white">Identifiers</h4>
                                                <div id="content543" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcmail-jdk15on/1.52/bcmail-jdk15on-1.52.jar" target="_blank">org.bouncycastle:bcmail-jdk15on:1.52</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l260_b8ffac2bbc6626f86909589c8cc63637cc936504"></a>bcpkix-jdk15on-1.52.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Bouncy Castle Licence: http://www.bouncycastle.org/licence.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.bouncycastle\bcpkix-jdk15on\1.52\b8ffac2bbc6626f86909589c8cc63637cc936504\bcpkix-jdk15on-1.52.jar<br/>
                            <b>MD5:</b>&nbsp;72104264eec0fd299cca4b07eada5d5b<br/>
                            <b>SHA1:</b>&nbsp;b8ffac2bbc6626f86909589c8cc63637cc936504
                                                                                </p>
                                                <h4 id="header544" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content544" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bcpkix-jdk15on</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.52</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bcpkix-jdk15on-1.52</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.52</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>application-library-allowable-codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>application-name</td><td>Bouncy Castle PKIX API</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>bcpkix</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>bcpkix</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.52</td></tr>
                                                                    <tr><td>Manifest</td><td>caller-allowable-codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.bouncycastle.bcpkix</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.52.0.0</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>24.75-b04 (Oracle Corporation)</td></tr>
                                                                    <tr><td>Manifest</td><td>permissions</td><td>all-permissions</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bcpkix-jdk15on</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.bouncycastle.org/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.52</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header545" class="subsectionheader white">Identifiers</h4>
                                                <div id="content545" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcpkix-jdk15on/1.52/bcpkix-jdk15on-1.52.jar" target="_blank">org.bouncycastle:bcpkix-jdk15on:1.52</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l261_88a941faf9819d371e3174b5ed56a3f3f7d73269"></a>bcprov-jdk15on-1.52.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Bouncy Castle Licence: http://www.bouncycastle.org/licence.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.bouncycastle\bcprov-jdk15on\1.52\88a941faf9819d371e3174b5ed56a3f3f7d73269\bcprov-jdk15on-1.52.jar<br/>
                            <b>MD5:</b>&nbsp;873ac611cb0d7160c0a3d30eee964454<br/>
                            <b>SHA1:</b>&nbsp;88a941faf9819d371e3174b5ed56a3f3f7d73269
                                                                                </p>
                                                <h4 id="header546" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content546" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bcprov-jdk15on</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.52</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bcprov-jdk15on-1.52</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.52</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>application-library-allowable-codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>application-name</td><td>Bouncy Castle Provider</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>bcprov</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>bcprov</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.52</td></tr>
                                                                    <tr><td>Manifest</td><td>caller-allowable-codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>codebase</td><td>*</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.bouncycastle.bcprovider</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.52.0</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>24.75-b04 (Oracle Corporation)</td></tr>
                                                                    <tr><td>Manifest</td><td>permissions</td><td>all-permissions</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bcprov-jdk15on</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Bouncy Castle Provider</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.bouncycastle.org/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.52</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header547" class="subsectionheader white">Identifiers</h4>
                                                <div id="content547" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.52
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bcprov-jdk15on-1.52.jar', '88a941faf9819d371e3174b5ed56a3f3f7d73269', 'cpe', 'cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.52')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.52
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bcprov-jdk15on-1.52.jar', '88a941faf9819d371e3174b5ed56a3f3f7d73269', 'cpe', 'cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.52')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bcprov-jdk15on/1.52/bcprov-jdk15on-1.52.jar" target="_blank">org.bouncycastle:bcprov-jdk15on:1.52</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l262_4821122f8390d15f4b5ee652621e2a2bb1f1bf16"></a>bctsp-jdk14-1.38.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;The Bouncy Castle Java API for handling the Time Stamp Protocol (TSP). This jar contains the TSP API for JDK 1.4. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Bouncy Castle Licence: http://www.bouncycastle.org/licence.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.bouncycastle\bctsp-jdk14\1.38\4821122f8390d15f4b5ee652621e2a2bb1f1bf16\bctsp-jdk14-1.38.jar<br/>
                            <b>MD5:</b>&nbsp;7eb22fff640e0631b6af47ebd6de4924<br/>
                            <b>SHA1:</b>&nbsp;4821122f8390d15f4b5ee652621e2a2bb1f1bf16
                                                                                </p>
                                                <h4 id="header548" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content548" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bctsp-jdk14</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.38</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bctsp-jdk14-1.38</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.38</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bouncycastle</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tsp</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>org.bouncycastle.bctsp</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.bouncycastle</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.38.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>BouncyCastle.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bctsp-jdk14</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Bouncy Castle Java API for handling the Time Stamp Protocol (TSP). This jar contains the TSP API for JDK 1.4. The APIs can be used in conjunction with a JCE/JCA provider ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>bouncycastle</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Bouncy Castle OpenPGP API</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.bouncycastle.org/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.38</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header549" class="subsectionheader white">Identifiers</h4>
                                                <div id="content549" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aopenpgp%3Aopenpgp" target="_blank">cpe:/a:openpgp:openpgp:1.38</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bctsp-jdk14-1.38.jar', '4821122f8390d15f4b5ee652621e2a2bb1f1bf16', 'cpe', 'cpe:/a:openpgp:openpgp:1.38')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Apgp%3Aopenpgp" target="_blank">cpe:/a:pgp:openpgp:1.38</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bctsp-jdk14-1.38.jar', '4821122f8390d15f4b5ee652621e2a2bb1f1bf16', 'cpe', 'cpe:/a:pgp:openpgp:1.38')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/bouncycastle/bctsp-jdk14/1.38/bctsp-jdk14-1.38.jar" target="_blank">org.bouncycastle:bctsp-jdk14:1.38</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header550" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content550" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0366">CVE-2005-0366</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('bctsp-jdk14-1.38.jar', '4821122f8390d15f4b5ee652621e2a2bb1f1bf16', 'cve', 'CVE-2005-0366')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                            </p>
                            <p>The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/12529">12529</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/303094">VU#303094</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.pgp.com/library/ctocorner/openpgp.html">http://www.pgp.com/library/ctocorner/openpgp.html</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200503-29.xml">GLSA-200503-29</a></li>
                                                                            <li>MANDRAKE - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2005:057">MDKSA-2005:057</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://eprint.iacr.org/2005/033">http://eprint.iacr.org/2005/033</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://eprint.iacr.org/2005/033.pdf">http://eprint.iacr.org/2005/033.pdf</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1013166">1013166</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://www.novell.com/linux/security/advisories/2005_07_sr.html">SUSE-SR:2005:007</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs126"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aopenpgp%3Aopenpgp">cpe:/a:openpgp:openpgp</a> </li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0381">CVE-2001-0381</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('bctsp-jdk14-1.38.jar', '4821122f8390d15f4b5ee652621e2a2bb1f1bf16', 'cve', 'CVE-2001-0381')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/2673">2673</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0252.html">20010319 Have they found a serious PGP vulnerability?! </a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0274.html">20010320 Yes, they have found a serious PGP vulnerability...sort of</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0311.html">20010322 Re: Yes, they have found a serious PGP vulnerability...sort of </a></li>
                                                                            <li>CALDERA - <a target="_blank" href="ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-017.0.txt">CSSA-2001-017.0</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2001-063.html">RHSA-2001:063</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/6558">openpgp-private-key-disclosure(6558)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs127"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apgp%3Aopenpgp">cpe:/a:pgp:openpgp</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l263_5584627487e984c03456266d3f8802eb85a9ce97"></a>tagsoup-1.2.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;TagSoup is a SAX-compliant parser written in Java that, instead of parsing well-formed or valid XML, parses HTML as it is found in the wild: poor, nasty and brutish, though quite often far from short. TagSoup is designed for people who have to process this stuff using some semblance of a rational application design. By providing a SAX interface, it allows standard XML tools to be applied to even the worst HTML. TagSoup also includes a command-line processor that reads HTML files and can generate either clean HTML or well-formed XML that is a close approximation to XHTML.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.ccil.cowan.tagsoup\tagsoup\1.2.1\5584627487e984c03456266d3f8802eb85a9ce97\tagsoup-1.2.1.jar<br/>
                            <b>MD5:</b>&nbsp;ae73a52cdcbec10cd61d9ef22fab5936<br/>
                            <b>SHA1:</b>&nbsp;5584627487e984c03456266d3f8802eb85a9ce97
                                                                                </p>
                                                <h4 id="header551" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content551" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>tagsoup</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.ccil.cowan.tagsoup</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>tagsoup-1.2.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ccil</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>cowan</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tagsoup</td></tr>
                                                                    <tr><td>Manifest</td><td>version</td><td>1.2.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>tagsoup</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>TagSoup is a SAX-compliant parser written in Java that, instead of parsing well-formed or valid XML, parses HTML as it is found in the wild: poor, nasty and brutish, though quite often far from short. TagSoup is designed for people who have to process this stuff using some semblance of a rational application design. By providing a SAX interface, it allows standard XML tools to be applied to even the worst HTML. TagSoup also includes a command-line processor that reads HTML files and can generate either clean HTML or well-formed XML that is a close approximation to XHTML.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>ccil.cowan.tagsoup</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>TagSoup</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://home.ccil.org/~cowan/XML/tagsoup/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header552" class="subsectionheader white">Identifiers</h4>
                                                <div id="content552" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/ccil/cowan/tagsoup/tagsoup/1.2.1/tagsoup-1.2.1.jar" target="_blank">org.ccil.cowan.tagsoup:tagsoup:1.2.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l264_2898c85b844ad4db731d8dbd7bac395bece5bead"></a>batik-all-1.8pre-r1084380.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codeartisans.thirdparties.swing\batik-all\1.8pre-r1084380\2898c85b844ad4db731d8dbd7bac395bece5bead\batik-all-1.8pre-r1084380.jar<br/>
                            <b>MD5:</b>&nbsp;6b971c2c943d0d398744774c3df092bc<br/>
                            <b>SHA1:</b>&nbsp;2898c85b844ad4db731d8dbd7bac395bece5bead
                                                                                </p>
                                                <h4 id="header553" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content553" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>batik-all</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.codeartisans.thirdparties.swing</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8pre-r1084380</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>batik-all-1.8pre-r1084380</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8pre</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>Manifest</td><td>build-id</td><td>20110625-122453-CEST</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Batik all-in-one JAR</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation (http://xmlgraphics.apache.org/batik/)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.8pre+r1084380</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>batik-all</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codeartisans.thirdparties.swing</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>${project.artifactId}</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>thirdparty-swing-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.codeartisans.thirdparties.swing</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.8pre-r1084380</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8pre-r1084380</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header554" class="subsectionheader white">Identifiers</h4>
                                                <div id="content554" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.8pre
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('batik-all-1.8pre-r1084380.jar', '2898c85b844ad4db731d8dbd7bac395bece5bead', 'cpe', 'cpe:/a:apache:batik:1.8pre')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="https://search.maven.org/remotecontent?filepath=org/codeartisans/thirdparties/swing/batik-all/1.8pre-r1084380/batik-all-1.8pre-r1084380.jar" target="_blank">org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l265_01730f61e9c9e59fd1b814371265334d7be0b8d2"></a>groovy-all-2.4.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Groovy: A powerful, dynamic language for the JVM<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codehaus.groovy\groovy-all\2.4.5\1730f61e9c9e59fd1b814371265334d7be0b8d2\groovy-all-2.4.5.jar<br/>
                            <b>MD5:</b>&nbsp;7faaaed0ae664f4b6a654b209930e803<br/>
                            <b>SHA1:</b>&nbsp;01730f61e9c9e59fd1b814371265334d7be0b8d2
                                                                                </p>
                                                <h4 id="header555" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content555" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>groovy-all</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.codehaus.groovy</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.4.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>groovy-all-2.4.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.4.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>codehaus</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>groovy</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Groovy Runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Groovy Runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>groovy-all</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.4.5</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>groovy</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Groovy: a powerful, dynamic language for the JVM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.4.5</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>1.7.0_60-ea-b07 (Oracle Corporation)</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Groovy: a powerful, dynamic language for the JVM</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>groovy-all</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Groovy: A powerful, dynamic language for the JVM</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codehaus.groovy</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Groovy</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://groovy-lang.org
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://groovy-lang.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header556" class="subsectionheader white">Identifiers</h4>
                                                <div id="content556" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:groovy:2.4.5
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('groovy-all-2.4.5.jar', '01730f61e9c9e59fd1b814371265334d7be0b8d2', 'cpe', 'cpe:/a:apache:groovy:2.4.5')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/codehaus/groovy/groovy-all/2.4.5/groovy-all-2.4.5.jar" target="_blank">org.codehaus.groovy:groovy-all:2.4.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l266_8fb6b798a4036048b3005e058553bf21a87802ed"></a>plexus-utils-1.5.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codehaus.plexus\plexus-utils\1.5.6\8fb6b798a4036048b3005e058553bf21a87802ed\plexus-utils-1.5.6.jar<br/>
                            <b>MD5:</b>&nbsp;d6070c2e77ca56adafa953215ddf744b<br/>
                            <b>SHA1:</b>&nbsp;8fb6b798a4036048b3005e058553bf21a87802ed
                                                                                </p>
                                                <h4 id="header557" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content557" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>plexus-utils</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.codehaus.plexus</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>plexus-utils-1.5.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>codehaus</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>plexus</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>plexus-utils</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codehaus.plexus</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Plexus Common Utilities</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>plexus</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.5.6</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://plexus.codehaus.org/plexus-utils</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header558" class="subsectionheader white">Identifiers</h4>
                                                <div id="content558" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar" target="_blank">org.codehaus.plexus:plexus-utils:1.5.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l267_1074eabfbcbfb0decfe6f9ed0541668e114b9311"></a>plexus-utils-1.5.6.jar\META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codehaus.plexus\plexus-utils\1.5.6\8fb6b798a4036048b3005e058553bf21a87802ed\plexus-utils-1.5.6.jar\META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml<br/>
                            <b>MD5:</b>&nbsp;61795135733295c9aa438fda7b923db8<br/>
                            <b>SHA1:</b>&nbsp;1074eabfbcbfb0decfe6f9ed0541668e114b9311
                                                                                </p>
                                                <h4 id="header559" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content559" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>plexus-interpolation</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codehaus.plexus</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Plexus Interpolation API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>plexus</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.0</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header560" class="subsectionheader white">Identifiers</h4>
                                                <div id="content560" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.codehaus.plexus:plexus-interpolation:1.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l268_ac19014b1e6a7c08aad07fe114af792676b685b7"></a>stax2-api-3.1.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The BSD License: http://www.opensource.org/licenses/bsd-license.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codehaus.woodstox\stax2-api\3.1.4\ac19014b1e6a7c08aad07fe114af792676b685b7\stax2-api-3.1.4.jar<br/>
                            <b>MD5:</b>&nbsp;c08e89de601b0a78f941b2c29db565c3<br/>
                            <b>SHA1:</b>&nbsp;ac19014b1e6a7c08aad07fe114af792676b685b7
                                                                                </p>
                                                <h4 id="header561" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content561" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>stax2-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.codehaus.woodstox</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>stax2-api-3.1.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.4</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://fasterxml.com</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Stax2 API</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>stax2-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.1.4</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>stax2-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codehaus.woodstox</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Stax2 API</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://fasterxml.com
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://wiki.fasterxml.com/WoodstoxStax2</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header562" class="subsectionheader white">Identifiers</h4>
                                                <div id="content562" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ac19014b1e6a7c08aad07fe114af792676b685b7%22" target="_blank">org.codehaus.woodstox:stax2-api:3.1.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l269_84fee5eb1a4a1cefe65b6883c73b3fa83be3c1a1"></a>woodstox-core-asl-4.4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Woodstox is a high-performance XML processor that
implements Stax (JSR-173) and SAX2 APIs<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codehaus.woodstox\woodstox-core-asl\4.4.1\84fee5eb1a4a1cefe65b6883c73b3fa83be3c1a1\woodstox-core-asl-4.4.1.jar<br/>
                            <b>MD5:</b>&nbsp;1f53f91f117288fb2ef2e120f27e5498<br/>
                            <b>SHA1:</b>&nbsp;84fee5eb1a4a1cefe65b6883c73b3fa83be3c1a1
                                                                                </p>
                                                <h4 id="header563" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content563" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>woodstox-core-asl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.codehaus.woodstox</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>woodstox-core-asl-4.4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ctc</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>wstx</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Woodstox XML-processor</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>woodstox-core-asl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Woodstox XML-processor</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>http://woodstox.codehaus.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.4.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Stax 1.0 API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>http://jcp.org/en/jsr/detail?id=173</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>woodstox-core-asl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Woodstox is a high-performance XML processor that
implements Stax (JSR-173) and SAX2 APIs</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codehaus.woodstox</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Woodstox</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.codehaus.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://woodstox.codehaus.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header564" class="subsectionheader white">Identifiers</h4>
                                                <div id="content564" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/codehaus/woodstox/woodstox-core-asl/4.4.1/woodstox-core-asl-4.4.1.jar" target="_blank">org.codehaus.woodstox:woodstox-core-asl:4.4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l270_992a8a8add10468930efc1f110f2895f68258a1e"></a>jhighlight-1.0.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    JHighlight is an embeddable pure Java syntax highlighting
    library that supports Java, HTML, XHTML, XML and LZX
    languages and outputs to XHTML.

    It also supports RIFE templates tags and highlights them
    clearly so that you can easily identify the difference
    between your RIFE markup and the actual marked up source.
	<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CDDL, v1.0: http://www.opensource.org/licenses/cddl1.php
LGPL, v2.1 or later: http://www.opensource.org/licenses/lgpl-license.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.codelibs\jhighlight\1.0.2\992a8a8add10468930efc1f110f2895f68258a1e\jhighlight-1.0.2.jar<br/>
                            <b>MD5:</b>&nbsp;867f23891848a72f1284ff3aaf18d94e<br/>
                            <b>SHA1:</b>&nbsp;992a8a8add10468930efc1f110f2895f68258a1e
                                                                                </p>
                                                <h4 id="header565" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content565" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jhighlight</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.codelibs</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jhighlight-1.0.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>fastutil</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jhighlight</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>uwyn</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jhighlight</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JHighlight is an embeddable pure Java syntax highlighting library that supports Java, HTML, XHTML, XML and LZX languages and outputs to XHTML. It also supports RIFE templates tags and highlights them clearly so that you can easily identify the difference between your RIFE markup and the actual marked up source. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>codelibs</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JHighlight</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/codelibs/jhighlight</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header566" class="subsectionheader white">Identifiers</h4>
                                                <div id="content566" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22992a8a8add10468930efc1f110f2895f68258a1e%22" target="_blank">org.codelibs:jhighlight:1.0.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l271_18d4c7c2014447eacfd00c65c717b3cfc422407b"></a>com.lowagie.text-2.1.7.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\com.lowagie.text\2.1.7\18d4c7c2014447eacfd00c65c717b3cfc422407b\com.lowagie.text-2.1.7.jar<br/>
                            <b>MD5:</b>&nbsp;af7c1521ab58701d3a0cadc29ef3d15a<br/>
                            <b>SHA1:</b>&nbsp;18d4c7c2014447eacfd00c65c717b3cfc422407b
                                                                                </p>
                                                <h4 id="header567" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content567" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>com.lowagie.text</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>com.lowagie.text-2.1.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.7</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>lowagie</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>pdf</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>text</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%bundleName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.lowagie.text</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.1.7.v201004222200</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>lowagie.text</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>com.lowagie.text_2.1.7.v201004222200.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header568" class="subsectionheader white">Identifiers</h4>
                                                <div id="content568" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.1.7
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('com.lowagie.text-2.1.7.jar', '18d4c7c2014447eacfd00c65c717b3cfc422407b', 'cpe', 'cpe:/a:eclipse:birt:2.1.7')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/com.lowagie.text/2.1.7/com.lowagie.text-2.1.7.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:com.lowagie.text:2.1.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header569" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content569" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('com.lowagie.text-2.1.7.jar', '18d4c7c2014447eacfd00c65c717b3cfc422407b', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs128"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l272_29ec6b1964b05d6ff9728226d2a1e61fab3ac95c"></a>javax.wsdl-1.5.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\javax.wsdl\1.5.1\29ec6b1964b05d6ff9728226d2a1e61fab3ac95c\javax.wsdl-1.5.1.jar<br/>
                            <b>MD5:</b>&nbsp;bf0c1e9a2431ee46940855f7c92628d8<br/>
                            <b>SHA1:</b>&nbsp;29ec6b1964b05d6ff9728226d2a1e61fab3ac95c
                                                                                </p>
                                                <h4 id="header570" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content570" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.wsdl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.wsdl-1.5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>extensions</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ibm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>wsdl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.wsdl</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.5.1.v201012040544</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>WSDL4J</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>IBM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.xerces;bundle-version=&quot;[2.8.0,3.0.0)&quot;;resolution:=optional</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>JWSDL</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>IBM (Java Community Process)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.wsdl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>javax.wsdl_1.5.1.v201012040544.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header571" class="subsectionheader white">Identifiers</h4>
                                                <div id="content571" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.5.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('javax.wsdl-1.5.1.jar', '29ec6b1964b05d6ff9728226d2a1e61fab3ac95c', 'cpe', 'cpe:/a:eclipse:birt:1.5.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/javax.wsdl/1.5.1/javax.wsdl-1.5.1.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:javax.wsdl:1.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header572" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content572" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('javax.wsdl-1.5.1.jar', '29ec6b1964b05d6ff9728226d2a1e61fab3ac95c', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs129"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l273_e2db6eb9029356884f123a60e9b72a51919e9a6f"></a>org.apache.batik.bridge-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.bridge\1.6.0\e2db6eb9029356884f123a60e9b72a51919e9a6f\org.apache.batik.bridge-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;e0136e6d36f5140dfea96ff1f3fea441<br/>
                            <b>SHA1:</b>&nbsp;e2db6eb9029356884f123a60e9b72a51919e9a6f
                                                                                </p>
                                                <h4 id="header573" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content573" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.bridge</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.bridge-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bridge</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.bridge</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.css;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.dom;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.dom.svg;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.ext.awt;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.parser;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util.gui;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.xml;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.w3c.dom.svg;bundle-version=&quot;[1.1.0,1.3.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.bridge</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.bridge_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header574" class="subsectionheader white">Identifiers</h4>
                                                <div id="content574" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.bridge-1.6.0.jar', 'e2db6eb9029356884f123a60e9b72a51919e9a6f', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.bridge/1.6.0/org.apache.batik.bridge-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.bridge:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header575" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content575" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.bridge-1.6.0.jar', 'e2db6eb9029356884f123a60e9b72a51919e9a6f', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs130', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs130"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs130">...</li>
                                                                    <li class="vs130 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs130 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l274_1e54558f0ad4b78f907f3461c14c7a7a91aecab2"></a>org.apache.batik.css-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.css\1.6.0\1e54558f0ad4b78f907f3461c14c7a7a91aecab2\org.apache.batik.css-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;a6b1201c835cb3e98733bd3214cb460e<br/>
                            <b>SHA1:</b>&nbsp;1e54558f0ad4b78f907f3461c14c7a7a91aecab2
                                                                                </p>
                                                <h4 id="header576" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content576" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.css</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.css-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>css</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>engine</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.css</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.w3c.css.sac;bundle-version=&quot;[1.3.0,1.4.0)&quot;,org.w3c.dom.svg;bundle-version=&quot;[1.1.0,1.3.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.css</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.css_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header577" class="subsectionheader white">Identifiers</h4>
                                                <div id="content577" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.css-1.6.0.jar', '1e54558f0ad4b78f907f3461c14c7a7a91aecab2', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.css/1.6.0/org.apache.batik.css-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.css:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header578" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content578" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.css-1.6.0.jar', '1e54558f0ad4b78f907f3461c14c7a7a91aecab2', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs131', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs131"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs131">...</li>
                                                                    <li class="vs131 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs131 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l275_ce507ddef394d6c6771bc8692c7db6afb1da4fa0"></a>org.apache.batik.dom.svg-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.dom.svg\1.6.0\ce507ddef394d6c6771bc8692c7db6afb1da4fa0\org.apache.batik.dom.svg-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;e3093fc8645d18d9241c1db7b9064e32<br/>
                            <b>SHA1:</b>&nbsp;ce507ddef394d6c6771bc8692c7db6afb1da4fa0
                                                                                </p>
                                                <h4 id="header579" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content579" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.dom.svg</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.dom.svg-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svg</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.dom.svg</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.css;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.dom;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.parser;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.w3c.css.sac;bundle-version=&quot;[1.3.0,1.4.0)&quot;,org.w3c.dom.smil;bundle-version=&quot;[1.0.0,1.1.0)&quot;,org.w3c.dom.svg;bundle-version=&quot;[1.1.0,1.3.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.dom.svg</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.dom.svg_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header580" class="subsectionheader white">Identifiers</h4>
                                                <div id="content580" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.dom.svg-1.6.0.jar', 'ce507ddef394d6c6771bc8692c7db6afb1da4fa0', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.dom.svg/1.6.0/org.apache.batik.dom.svg-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.dom.svg:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header581" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content581" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.dom.svg-1.6.0.jar', 'ce507ddef394d6c6771bc8692c7db6afb1da4fa0', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs132', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs132"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs132">...</li>
                                                                    <li class="vs132 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs132 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l276_e9fe8d31ea04c6cd566e35f61524e561821bbe57"></a>org.apache.batik.dom-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.dom\1.6.0\e9fe8d31ea04c6cd566e35f61524e561821bbe57\org.apache.batik.dom-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;d894d215bb57972a2c912016a7c8af26<br/>
                            <b>SHA1:</b>&nbsp;e9fe8d31ea04c6cd566e35f61524e561821bbe57
                                                                                </p>
                                                <h4 id="header582" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content582" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.dom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.dom-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.dom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.css;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.xml;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.w3c.css.sac;bundle-version=&quot;[1.3.0,1.4.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.dom</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.dom_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header583" class="subsectionheader white">Identifiers</h4>
                                                <div id="content583" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.dom-1.6.0.jar', 'e9fe8d31ea04c6cd566e35f61524e561821bbe57', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.dom/1.6.0/org.apache.batik.dom-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.dom:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header584" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content584" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.dom-1.6.0.jar', 'e9fe8d31ea04c6cd566e35f61524e561821bbe57', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs133', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs133"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs133">...</li>
                                                                    <li class="vs133 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs133 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l277_4df20bee143553a89b26bc06411eb4dcf44ec18e"></a>org.apache.batik.ext.awt-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.ext.awt\1.6.0\4df20bee143553a89b26bc06411eb4dcf44ec18e\org.apache.batik.ext.awt-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;66ec3f38f8f1ab368acd97dea9d554a5<br/>
                            <b>SHA1:</b>&nbsp;4df20bee143553a89b26bc06411eb4dcf44ec18e
                                                                                </p>
                                                <h4 id="header585" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content585" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.ext.awt</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.ext.awt-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>awt</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ext</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.ext.awt</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util.gui;bundle-version=&quot;[1.6.0,1.7.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.ext.awt</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.ext.awt_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header586" class="subsectionheader white">Identifiers</h4>
                                                <div id="content586" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.ext.awt-1.6.0.jar', '4df20bee143553a89b26bc06411eb4dcf44ec18e', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.ext.awt/1.6.0/org.apache.batik.ext.awt-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.ext.awt:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header587" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content587" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.ext.awt-1.6.0.jar', '4df20bee143553a89b26bc06411eb4dcf44ec18e', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs134', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs134"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs134">...</li>
                                                                    <li class="vs134 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs134 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l278_5e6dd459704dd6bd168f1b030cb739872e994339"></a>org.apache.batik.parser-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.parser\1.6.0\5e6dd459704dd6bd168f1b030cb739872e994339\org.apache.batik.parser-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;e9438886ce3c270c3ab3d8a3153607c6<br/>
                            <b>SHA1:</b>&nbsp;5e6dd459704dd6bd168f1b030cb739872e994339
                                                                                </p>
                                                <h4 id="header588" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content588" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.parser</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.parser-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>parser</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.parser</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.ext.awt;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.xml;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.w3c.dom.svg;bundle-version=&quot;[1.1.0,1.3.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.parser</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.parser_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header589" class="subsectionheader white">Identifiers</h4>
                                                <div id="content589" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.parser-1.6.0.jar', '5e6dd459704dd6bd168f1b030cb739872e994339', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.parser/1.6.0/org.apache.batik.parser-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.parser:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header590" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content590" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.parser-1.6.0.jar', '5e6dd459704dd6bd168f1b030cb739872e994339', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs135', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs135"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs135">...</li>
                                                                    <li class="vs135 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs135 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l279_05cb65af57bdfd093c47b3cf7bc8bb57e10f5451"></a>org.apache.batik.svggen-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.svggen\1.6.0\5cb65af57bdfd093c47b3cf7bc8bb57e10f5451\org.apache.batik.svggen-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;2239ba844d960edd4874475630daf205<br/>
                            <b>SHA1:</b>&nbsp;05cb65af57bdfd093c47b3cf7bc8bb57e10f5451
                                                                                </p>
                                                <h4 id="header591" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content591" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.svggen</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.svggen-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svggen</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.svggen</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.ext.awt;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.svggen</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.svggen_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header592" class="subsectionheader white">Identifiers</h4>
                                                <div id="content592" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.svggen-1.6.0.jar', '05cb65af57bdfd093c47b3cf7bc8bb57e10f5451', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.svggen/1.6.0/org.apache.batik.svggen-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.svggen:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header593" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content593" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.svggen-1.6.0.jar', '05cb65af57bdfd093c47b3cf7bc8bb57e10f5451', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs136', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs136"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs136">...</li>
                                                                    <li class="vs136 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs136 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l280_fc5d9326a3195f15781d2fcea862ec1767e30ebf"></a>org.apache.batik.transcoder-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.transcoder\1.6.0\fc5d9326a3195f15781d2fcea862ec1767e30ebf\org.apache.batik.transcoder-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;68731962320372175c3b07cc97ab155b<br/>
                            <b>SHA1:</b>&nbsp;fc5d9326a3195f15781d2fcea862ec1767e30ebf
                                                                                </p>
                                                <h4 id="header594" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content594" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.transcoder</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.transcoder-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>transcoder</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.transcoder</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.bridge;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.dom;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.dom.svg;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.ext.awt;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.svggen;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.apache.batik.xml;bundle-version=&quot;[1.6.0,1.7.0)&quot;,org.w3c.dom.svg;bundle-version=&quot;[1.1.0,1.3.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.transcoder</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.transcoder_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header595" class="subsectionheader white">Identifiers</h4>
                                                <div id="content595" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.transcoder-1.6.0.jar', 'fc5d9326a3195f15781d2fcea862ec1767e30ebf', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.transcoder/1.6.0/org.apache.batik.transcoder-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.transcoder:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header596" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content596" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.transcoder-1.6.0.jar', 'fc5d9326a3195f15781d2fcea862ec1767e30ebf', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs137', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs137"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs137">...</li>
                                                                    <li class="vs137 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs137 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l281_6afa9107935bdeede0487c770bb0537b1a341c81"></a>org.apache.batik.util.gui-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.util.gui\1.6.0\6afa9107935bdeede0487c770bb0537b1a341c81\org.apache.batik.util.gui-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;37cc80a8417e17b2f43b85f871b67714<br/>
                            <b>SHA1:</b>&nbsp;6afa9107935bdeede0487c770bb0537b1a341c81
                                                                                </p>
                                                <h4 id="header597" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content597" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.util.gui</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.util.gui-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>gui</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.util.gui</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.util.gui</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.util.gui_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header598" class="subsectionheader white">Identifiers</h4>
                                                <div id="content598" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.util.gui-1.6.0.jar', '6afa9107935bdeede0487c770bb0537b1a341c81', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.util.gui/1.6.0/org.apache.batik.util.gui-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.util.gui:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header599" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content599" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.util.gui-1.6.0.jar', '6afa9107935bdeede0487c770bb0537b1a341c81', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs138', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs138"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs138">...</li>
                                                                    <li class="vs138 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs138 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l282_074aafd6361820f7e67474e78b16fd4365d1a58a"></a>org.apache.batik.util-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.util\1.6.0\74aafd6361820f7e67474e78b16fd4365d1a58a\org.apache.batik.util-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;3db4ec82c64ef8c985a818dc0fcde67e<br/>
                            <b>SHA1:</b>&nbsp;074aafd6361820f7e67474e78b16fd4365d1a58a
                                                                                </p>
                                                <h4 id="header600" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content600" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.util</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.util-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.util</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.util.gui;bundle-version=&quot;[1.6.0,1.7.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.util</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.util_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header601" class="subsectionheader white">Identifiers</h4>
                                                <div id="content601" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.util-1.6.0.jar', '074aafd6361820f7e67474e78b16fd4365d1a58a', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.util/1.6.0/org.apache.batik.util-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.util:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header602" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content602" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.util-1.6.0.jar', '074aafd6361820f7e67474e78b16fd4365d1a58a', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs139', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs139"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs139">...</li>
                                                                    <li class="vs139 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs139 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l283_8b3fbec88190a39eae4de5088a1199f23526258e"></a>org.apache.batik.xml-1.6.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.batik.xml\1.6.0\8b3fbec88190a39eae4de5088a1199f23526258e\org.apache.batik.xml-1.6.0.jar<br/>
                            <b>MD5:</b>&nbsp;4291f7898be4dcba99ba8dacfb8e9122<br/>
                            <b>SHA1:</b>&nbsp;8b3fbec88190a39eae4de5088a1199f23526258e
                                                                                </p>
                                                <h4 id="header603" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content603" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.batik.xml</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.batik.xml-1.6.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>batik</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.batik.xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.6.0.v201011041432</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.apache.batik.util;bundle-version=&quot;[1.6.0,1.7.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.batik.xml</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.batik.xml_1.6.0.v201011041432.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header604" class="subsectionheader white">Identifiers</h4>
                                                <div id="content604" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:batik:1.6.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.batik.xml-1.6.0.jar', '8b3fbec88190a39eae4de5088a1199f23526258e', 'cpe', 'cpe:/a:apache:batik:1.6.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.batik.xml/1.6.0/org.apache.batik.xml-1.6.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.batik.xml:1.6.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header605" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content605" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0250">CVE-2015-0250</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.batik.xml-1.6.0.jar', '8b3fbec88190a39eae4de5088a1199f23526258e', 'cve', 'CVE-2015-0250')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://advisories.mageia.org/MGASA-2015-0138.html">http://advisories.mageia.org/MGASA-2015-0138.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21963275">http://www-01.ibm.com/support/docview.wss?uid=swg21963275</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xmlgraphics.apache.org/security.html">http://xmlgraphics.apache.org/security.html</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2015/Mar/142">20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection)</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2015:203">MDVSA-2015:203</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html">http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0041.html">RHSA-2016:0041</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-0042.html">RHSA-2016:0042</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032781">1032781</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2548-1">USN-2548-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs140', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs140"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                    <li class="vs140">...</li>
                                                                    <li class="vs140 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Abatik%3A1.7">cpe:/a:apache:batik:1.7</a>  and all previous versions</li>
                                                                    <li class="vs140 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_brms_platform%3A6.1.2">cpe:/a:redhat:jboss_enterprise_brms_platform:6.1.2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l284_72c73f3729b4ca49dac8691fb5adb194e8595799"></a>org.apache.commons.codec-1.3.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.commons.codec\1.3.0\72c73f3729b4ca49dac8691fb5adb194e8595799\org.apache.commons.codec-1.3.0.jar<br/>
                            <b>MD5:</b>&nbsp;e411b9d204b1a91d62b830a86e1f44ff<br/>
                            <b>SHA1:</b>&nbsp;72c73f3729b4ca49dac8691fb5adb194e8595799
                                                                                </p>
                                                <h4 id="header606" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content606" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.commons.codec</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.commons.codec-1.3.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>codec</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>commons</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%bundleName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>CDC-1.0/Foundation-1.0,J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.codec</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.0.v201101211617</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.commons.codec</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.commons.codec_1.3.0.v201101211617.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header607" class="subsectionheader white">Identifiers</h4>
                                                <div id="content607" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.3.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.commons.codec-1.3.0.jar', '72c73f3729b4ca49dac8691fb5adb194e8595799', 'cpe', 'cpe:/a:eclipse:birt:1.3.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.commons.codec/1.3.0/org.apache.commons.codec-1.3.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.commons.codec:1.3.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header608" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content608" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.commons.codec-1.3.0.jar', '72c73f3729b4ca49dac8691fb5adb194e8595799', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs141"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l285_615a1b724b88b81e8a040ec148fd25368f7b48e5"></a>org.apache.xerces-2.9.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.xerces\2.9.0\615a1b724b88b81e8a040ec148fd25368f7b48e5\org.apache.xerces-2.9.0.jar<br/>
                            <b>MD5:</b>&nbsp;99108dc0a0b108c5f3651f97bdc22084<br/>
                            <b>SHA1:</b>&nbsp;615a1b724b88b81e8a040ec148fd25368f7b48e5
                                                                                </p>
                                                <h4 id="header609" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content609" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.xerces</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.9.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.xerces-2.9.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.9.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xerces</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.xerces</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.9.0.v201101211617</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>system.bundle,javax.xml;bundle-version=&quot;[1.3.4,2.0.0)&quot;;visibility:=reexport,org.apache.xml.resolver;bundle-version=&quot;[1.2.0,2.0.0)&quot;;visibility:=reexport,org.apache.xml.serializer;bundle-version=&quot;[2.7.1,3.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.xerces</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.xerces_2.9.0.v201101211617.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.9.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header610" class="subsectionheader white">Identifiers</h4>
                                                <div id="content610" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.9.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.xerces-2.9.0.jar', '615a1b724b88b81e8a040ec148fd25368f7b48e5', 'cpe', 'cpe:/a:eclipse:birt:2.9.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.xerces/2.9.0/org.apache.xerces-2.9.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.xerces:2.9.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l286_7c9c22053b04772e81dc62d665b202eeae82ae47"></a>org.apache.xml.resolver-1.2.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.xml.resolver\1.2.0\7c9c22053b04772e81dc62d665b202eeae82ae47\org.apache.xml.resolver-1.2.0.jar<br/>
                            <b>MD5:</b>&nbsp;f29e4c1d4936c28395beee34a755f3a6<br/>
                            <b>SHA1:</b>&nbsp;7c9c22053b04772e81dc62d665b202eeae82ae47
                                                                                </p>
                                                <h4 id="header611" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content611" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.xml.resolver</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.xml.resolver-1.2.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>resolver</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.xml.resolver</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.0.v201005080400</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.xml.resolver</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.xml.resolver_1.2.0.v201005080400.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header612" class="subsectionheader white">Identifiers</h4>
                                                <div id="content612" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.2.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.xml.resolver-1.2.0.jar', '7c9c22053b04772e81dc62d665b202eeae82ae47', 'cpe', 'cpe:/a:eclipse:birt:1.2.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.xml.resolver/1.2.0/org.apache.xml.resolver-1.2.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.xml.resolver:1.2.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header613" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content613" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.apache.xml.resolver-1.2.0.jar', '7c9c22053b04772e81dc62d665b202eeae82ae47', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs142"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l287_a8508e22414c8e12cdfdc42b25a7c7efa4004556"></a>org.apache.xml.serializer-2.7.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.apache.xml.serializer\2.7.1\a8508e22414c8e12cdfdc42b25a7c7efa4004556\org.apache.xml.serializer-2.7.1.jar<br/>
                            <b>MD5:</b>&nbsp;6bfe11d68939f35a28c21d309835adc3<br/>
                            <b>SHA1:</b>&nbsp;a8508e22414c8e12cdfdc42b25a7c7efa4004556
                                                                                </p>
                                                <h4 id="header614" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content614" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.apache.xml.serializer</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.apache.xml.serializer-2.7.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>serializer</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.xml.serializer</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.7.1.v201005080400</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>apache.xml.serializer</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.apache.xml.serializer_2.7.1.v201005080400.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header615" class="subsectionheader white">Identifiers</h4>
                                                <div id="content615" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.7.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.apache.xml.serializer-2.7.1.jar', 'a8508e22414c8e12cdfdc42b25a7c7efa4004556', 'cpe', 'cpe:/a:eclipse:birt:2.7.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.apache.xml.serializer/2.7.1/org.apache.xml.serializer-2.7.1.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.apache.xml.serializer:2.7.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l288_b520e18bd357a47deb2e902ce49533564236219b"></a>org.mozilla.javascript-1.7.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.mozilla.javascript\1.7.2\b520e18bd357a47deb2e902ce49533564236219b\org.mozilla.javascript-1.7.2.jar<br/>
                            <b>MD5:</b>&nbsp;ec441f8787033e99da1eb599e021dc78<br/>
                            <b>SHA1:</b>&nbsp;b520e18bd357a47deb2e902ce49533564236219b
                                                                                </p>
                                                <h4 id="header616" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content616" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.mozilla.javascript</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.mozilla.javascript-1.7.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javascript</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mozilla</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.mozilla.javascript</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.7.2.v201005080400</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>mozilla.javascript</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>js.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header617" class="subsectionheader white">Identifiers</h4>
                                                <div id="content617" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.mozilla.javascript/1.7.2/org.mozilla.javascript-1.7.2.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.mozilla.javascript:1.7.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l289_8dfb0e08c19f3b47290096d27ab71ed4f2a5000a"></a>org.w3c.css.sac-1.3.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.w3c.css.sac\1.3.0\8dfb0e08c19f3b47290096d27ab71ed4f2a5000a\org.w3c.css.sac-1.3.0.jar<br/>
                            <b>MD5:</b>&nbsp;5e7f05aba6c35250a6f0345a5f9c8ca0<br/>
                            <b>SHA1:</b>&nbsp;8dfb0e08c19f3b47290096d27ab71ed4f2a5000a
                                                                                </p>
                                                <h4 id="header618" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content618" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.w3c.css.sac</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.w3c.css.sac-1.3.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>css</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sac</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3,CDC-1.0/Foundation-1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.w3c.css.sac</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.0.v200805290154</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>w3c.css.sac</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.w3c.css.sac_1.3.0.v200805290154.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header619" class="subsectionheader white">Identifiers</h4>
                                                <div id="content619" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.3.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.w3c.css.sac-1.3.0.jar', '8dfb0e08c19f3b47290096d27ab71ed4f2a5000a', 'cpe', 'cpe:/a:eclipse:birt:1.3.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.w3c.css.sac/1.3.0/org.w3c.css.sac-1.3.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.w3c.css.sac:1.3.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header620" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content620" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.w3c.css.sac-1.3.0.jar', '8dfb0e08c19f3b47290096d27ab71ed4f2a5000a', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs143"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l290_674bdda9162b48419741da833e445e190f33a58a"></a>org.w3c.dom.smil-1.0.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.w3c.dom.smil\1.0.0\674bdda9162b48419741da833e445e190f33a58a\org.w3c.dom.smil-1.0.0.jar<br/>
                            <b>MD5:</b>&nbsp;c2494764f38da65d09ce0a0444d00dcd<br/>
                            <b>SHA1:</b>&nbsp;674bdda9162b48419741da833e445e190f33a58a
                                                                                </p>
                                                <h4 id="header621" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content621" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.w3c.dom.smil</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.w3c.dom.smil-1.0.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>elementtimecontrol</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>smil</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,J2SE-1.3,CDC-1.0/Foundation-1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.w3c.dom.smil</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.v200806040011</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>w3c.dom.smil</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.w3c.dom.smil_1.0.0.v200806040011.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header622" class="subsectionheader white">Identifiers</h4>
                                                <div id="content622" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.w3c.dom.smil-1.0.0.jar', '674bdda9162b48419741da833e445e190f33a58a', 'cpe', 'cpe:/a:eclipse:birt:1.0.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.w3c.dom.smil/1.0.0/org.w3c.dom.smil-1.0.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.w3c.dom.smil:1.0.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header623" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content623" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.w3c.dom.smil-1.0.0.jar', '674bdda9162b48419741da833e445e190f33a58a', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs144"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l291_9c6413ed43b4e9ba56982a554e03bd012cc44ed9"></a>org.w3c.dom.svg-1.1.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\org.w3c.dom.svg\1.1.0\9c6413ed43b4e9ba56982a554e03bd012cc44ed9\org.w3c.dom.svg-1.1.0.jar<br/>
                            <b>MD5:</b>&nbsp;dcf64eb5f94cf993600f30aac878d329<br/>
                            <b>SHA1:</b>&nbsp;9c6413ed43b4e9ba56982a554e03bd012cc44ed9
                                                                                </p>
                                                <h4 id="header624" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content624" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.w3c.dom.svg</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.w3c.dom.svg-1.1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svg</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,J2SE-1.3,CDC-1.0/Foundation-1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.w3c.dom.svg</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.0.v201011041433</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.w3c.dom.smil;bundle-version=&quot;[1.0.0,1.1.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>w3c.dom.svg</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.w3c.dom.svg_1.1.0.v201011041433.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header625" class="subsectionheader white">Identifiers</h4>
                                                <div id="content625" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.1.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.w3c.dom.svg-1.1.0.jar', '9c6413ed43b4e9ba56982a554e03bd012cc44ed9', 'cpe', 'cpe:/a:eclipse:birt:1.1.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/org.w3c.dom.svg/1.1.0/org.w3c.dom.svg-1.1.0.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:org.w3c.dom.svg:1.1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header626" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content626" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.w3c.dom.svg-1.1.0.jar', '9c6413ed43b4e9ba56982a554e03bd012cc44ed9', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs145"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l292_63b1e38f4ca630dbac3d2072cda2a9336914d10c"></a>Tidy-1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime.3_7_1\Tidy\1\63b1e38f4ca630dbac3d2072cda2a9336914d10c\Tidy-1.jar<br/>
                            <b>MD5:</b>&nbsp;00418be9ec69f7f9a2dda911a1e77eaf<br/>
                            <b>SHA1:</b>&nbsp;63b1e38f4ca630dbac3d2072cda2a9336914d10c
                                                                                </p>
                                                <h4 id="header627" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content627" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>Tidy</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>Tidy-1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tidy</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>Tidy</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime.3_7_1</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Tidy.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header628" class="subsectionheader white">Identifiers</h4>
                                                <div id="content628" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/3_7_1/Tidy/1/Tidy-1.jar" target="_blank">org.eclipse.birt.runtime.3_7_1:Tidy:1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l293_ff82137ba65f8676355452edc0ca57975d1b69f4"></a>com.ibm.icu-50.1.1.v201304230130.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\com.ibm.icu\50.1.1.v201304230130\ff82137ba65f8676355452edc0ca57975d1b69f4\com.ibm.icu-50.1.1.v201304230130.jar<br/>
                            <b>MD5:</b>&nbsp;cc9d48d40fd8c18a2c4603e8403d6df6<br/>
                            <b>SHA1:</b>&nbsp;ff82137ba65f8676355452edc0ca57975d1b69f4
                                                                                </p>
                                                <h4 id="header629" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content629" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>com.ibm.icu</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>50.1.1.v201304230130</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>com.ibm.icu-50.1.1.v201304230130</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>50.1.1.v20130423</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ibm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>icu</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>2012.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Licensed Materials - Property of IBM (C) Copyright IBM Corp. 2000, 2012. All Rights Reserved. IBM is a registered trademark of IBM Corp.</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.ibm.icu;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>50.1.1.v201304230130</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ibm.icu</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>com.ibm.icu_50.1.1.v201304230130.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>50.1.1.v201304230130</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header630" class="subsectionheader white">Identifiers</h4>
                                                <div id="content630" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:50.1.1.v20130423
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('com.ibm.icu-50.1.1.v201304230130.jar', 'ff82137ba65f8676355452edc0ca57975d1b69f4', 'cpe', 'cpe:/a:eclipse:birt:50.1.1.v20130423')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/com.ibm.icu/50.1.1.v201304230130/com.ibm.icu-50.1.1.v201304230130.jar" target="_blank">org.eclipse.birt.runtime:com.ibm.icu:50.1.1.v201304230130</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l294_3a4f0067058e2aa9af1c6e463bc8a147a99681c0"></a>javax.xml.stream-1.0.1.v201004272200.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\javax.xml.stream\1.0.1.v201004272200\3a4f0067058e2aa9af1c6e463bc8a147a99681c0\javax.xml.stream-1.0.1.v201004272200.jar<br/>
                            <b>MD5:</b>&nbsp;dfb3dc47c90f4273c2036aab23ee4fe3<br/>
                            <b>SHA1:</b>&nbsp;3a4f0067058e2aa9af1c6e463bc8a147a99681c0
                                                                                </p>
                                                <h4 id="header631" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content631" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>javax.xml.stream</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1.v201004272200</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>javax.xml.stream-1.0.1.v201004272200</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1.v20100427</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>stream</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>javax.xml.stream</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1.v201004272200</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>javax.xml.stream</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>javax.xml.stream_1.0.1.v201004272200.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1.v201004272200</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header632" class="subsectionheader white">Identifiers</h4>
                                                <div id="content632" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.1.v20100427
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('javax.xml.stream-1.0.1.v201004272200.jar', '3a4f0067058e2aa9af1c6e463bc8a147a99681c0', 'cpe', 'cpe:/a:eclipse:birt:1.0.1.v20100427')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/javax.xml.stream/1.0.1.v201004272200/javax.xml.stream-1.0.1.v201004272200.jar" target="_blank">org.eclipse.birt.runtime:javax.xml.stream:1.0.1.v201004272200</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header633" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content633" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('javax.xml.stream-1.0.1.v201004272200.jar', '3a4f0067058e2aa9af1c6e463bc8a147a99681c0', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs146"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l295_d7f5495359184868842e469c1929109a0f69d87a"></a>org.eclipse.birt.runtime-4.4.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.birt.runtime\4.4.1\d7f5495359184868842e469c1929109a0f69d87a\org.eclipse.birt.runtime-4.4.1.jar<br/>
                            <b>MD5:</b>&nbsp;bf28ed4bebc04a32e84e8982d80fa9fd<br/>
                            <b>SHA1:</b>&nbsp;d7f5495359184868842e469c1929109a0f69d87a
                                                                                </p>
                                                <h4 id="header634" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content634" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.birt.runtime-4.4.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.4.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>birt</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>report</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>BIRT Runtime SDK</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>4.4.1.v20140916-1320</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.birt.runtime_4.4.1.v20140916-1320.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.4.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header635" class="subsectionheader white">Identifiers</h4>
                                                <div id="content635" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:4.4.1
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.birt.runtime-4.4.1.jar', 'd7f5495359184868842e469c1929109a0f69d87a', 'cpe', 'cpe:/a:eclipse:birt:4.4.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.birt.runtime/4.4.1/org.eclipse.birt.runtime-4.4.1.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.birt.runtime:4.4.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l296_09a032a98b4b139fa91522b10fdc61ffa9864414"></a>org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.contenttype\3.4.200.v20130326-1255\9a032a98b4b139fa91522b10fdc61ffa9864414\org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar<br/>
                            <b>MD5:</b>&nbsp;ae257d3da2fdc3bdd6391fdfcbe9f752<br/>
                            <b>SHA1:</b>&nbsp;09a032a98b4b139fa91522b10fdc61ffa9864414
                                                                                </p>
                                                <h4 id="header636" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content636" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.core.contenttype</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.4.200.v20130326-1255</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.core.contenttype-3.4.200.v20130326-1255</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.4.200.v20130326</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>content</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.core.contenttype; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.4.200.v20130326-1255</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.preferences;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.equinox.registry;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.core.contenttype</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.core.contenttype_3.4.200.v20130326-1255.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.4.200.v20130326-1255</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header637" class="subsectionheader white">Identifiers</h4>
                                                <div id="content637" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.4.200.v20130326
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar', '09a032a98b4b139fa91522b10fdc61ffa9864414', 'cpe', 'cpe:/a:eclipse:birt:3.4.200.v20130326')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.contenttype/3.4.200.v20130326-1255/org.eclipse.core.contenttype-3.4.200.v20130326-1255.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.contenttype:3.4.200.v20130326-1255</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l297_97cc20cce87af191fc620562ab74b1cde95947fd"></a>org.eclipse.core.expressions-3.4.500.v20130515-1343.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.expressions\3.4.500.v20130515-1343\97cc20cce87af191fc620562ab74b1cde95947fd\org.eclipse.core.expressions-3.4.500.v20130515-1343.jar<br/>
                            <b>MD5:</b>&nbsp;20da519a750933fa70944f49f2cc8ffd<br/>
                            <b>SHA1:</b>&nbsp;97cc20cce87af191fc620562ab74b1cde95947fd
                                                                                </p>
                                                <h4 id="header638" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content638" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.core.expressions</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.4.500.v20130515-1343</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.core.expressions-3.4.500.v20130515-1343</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.4.500.v20130515</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>expressions</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.core.expressions; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.4.500.v20130515-1343</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.3.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.core.expressions</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.core.expressions_3.4.500.v20130515-1343.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.4.500.v20130515-1343</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header639" class="subsectionheader white">Identifiers</h4>
                                                <div id="content639" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.4.500.v20130515
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.core.expressions-3.4.500.v20130515-1343.jar', '97cc20cce87af191fc620562ab74b1cde95947fd', 'cpe', 'cpe:/a:eclipse:birt:3.4.500.v20130515')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.expressions/3.4.500.v20130515-1343/org.eclipse.core.expressions-3.4.500.v20130515-1343.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.expressions:3.4.500.v20130515-1343</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l298_e26398a301d91db6516debe38664239481d4b309"></a>org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.filesystem\1.4.0.v20130514-1240\e26398a301d91db6516debe38664239481d4b309\org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar<br/>
                            <b>MD5:</b>&nbsp;7f664cc54d9bc005c089087c867e6899<br/>
                            <b>SHA1:</b>&nbsp;e26398a301d91db6516debe38664239481d4b309
                                                                                </p>
                                                <h4 id="header640" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content640" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.core.filesystem</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4.0.v20130514-1240</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.core.filesystem-1.4.0.v20130514-1240</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4.0.v20130514</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>filesystem</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.core.filesystem; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.4.0.v20130514-1240</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.equinox.registry;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.osgi;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.core.filesystem</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.core.filesystem_1.4.0.v20130514-1240.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4.0.v20130514-1240</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header641" class="subsectionheader white">Identifiers</h4>
                                                <div id="content641" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.4.0.v20130514
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar', 'e26398a301d91db6516debe38664239481d4b309', 'cpe', 'cpe:/a:eclipse:birt:1.4.0.v20130514')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.filesystem/1.4.0.v20130514-1240/org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.filesystem:1.4.0.v20130514-1240</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header642" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content642" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.core.filesystem-1.4.0.v20130514-1240.jar', 'e26398a301d91db6516debe38664239481d4b309', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs147"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l299_e013c919510607d9c8ac5585b66ff4ee5e364ec9"></a>org.eclipse.core.jobs-3.6.0.v20140424-0053.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.jobs\3.6.0.v20140424-0053\e013c919510607d9c8ac5585b66ff4ee5e364ec9\org.eclipse.core.jobs-3.6.0.v20140424-0053.jar<br/>
                            <b>MD5:</b>&nbsp;f9c929dce571e15fb713214d4f067470<br/>
                            <b>SHA1:</b>&nbsp;e013c919510607d9c8ac5585b66ff4ee5e364ec9
                                                                                </p>
                                                <h4 id="header643" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content643" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.core.jobs</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.6.0.v20140424-0053</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.core.jobs-3.6.0.v20140424-0053</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.6.0.v20140424</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jobs</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.core.jobs; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.6.0.v20140424-0053</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.core.jobs</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.core.jobs_3.6.0.v20140424-0053.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.6.0.v20140424-0053</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header644" class="subsectionheader white">Identifiers</h4>
                                                <div id="content644" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.6.0.v20140424
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.core.jobs-3.6.0.v20140424-0053.jar', 'e013c919510607d9c8ac5585b66ff4ee5e364ec9', 'cpe', 'cpe:/a:eclipse:birt:3.6.0.v20140424')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.jobs/3.6.0.v20140424-0053/org.eclipse.core.jobs-3.6.0.v20140424-0053.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.jobs:3.6.0.v20140424-0053</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l300_24a0e4b809d9cb102e7bf8123a2844657b916090"></a>org.eclipse.core.resources-3.9.1.v20140825-1431.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.resources\3.9.1.v20140825-1431\24a0e4b809d9cb102e7bf8123a2844657b916090\org.eclipse.core.resources-3.9.1.v20140825-1431.jar<br/>
                            <b>MD5:</b>&nbsp;948716ccf019137b26949aab7d2e72f0<br/>
                            <b>SHA1:</b>&nbsp;24a0e4b809d9cb102e7bf8123a2844657b916090
                                                                                </p>
                                                <h4 id="header645" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content645" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.core.resources</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.9.1.v20140825-1431</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.core.resources-3.9.1.v20140825-1431</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.9.1.v20140825</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>resources</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.core.resources; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.9.1.v20140825-1431</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.ant.core;bundle-version=&quot;[3.1.0,4.0.0)&quot;;resolution:=optional,org.eclipse.core.expressions;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.core.filesystem;bundle-version=&quot;[1.3.0,2.0.0)&quot;,org.eclipse.core.runtime;bundle-version=&quot;[3.7.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.core.resources</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.core.resources_3.9.1.v20140825-1431.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.9.1.v20140825-1431</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header646" class="subsectionheader white">Identifiers</h4>
                                                <div id="content646" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.9.1.v20140825
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.core.resources-3.9.1.v20140825-1431.jar', '24a0e4b809d9cb102e7bf8123a2844657b916090', 'cpe', 'cpe:/a:eclipse:birt:3.9.1.v20140825')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.resources/3.9.1.v20140825-1431/org.eclipse.core.resources-3.9.1.v20140825-1431.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.resources:3.9.1.v20140825-1431</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l301_ac97fcd1a043208b58e6ec13c2708e5cbfdf9a55"></a>org.eclipse.core.resources-3.9.1.v20140825-1431.jar: resources-ant.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.resources\3.9.1.v20140825-1431\24a0e4b809d9cb102e7bf8123a2844657b916090\org.eclipse.core.resources-3.9.1.v20140825-1431.jar\ant_tasks\resources-ant.jar<br/>
                            <b>MD5:</b>&nbsp;2e3d89f3c01f0deec05a4d04db4b67bd<br/>
                            <b>SHA1:</b>&nbsp;ac97fcd1a043208b58e6ec13c2708e5cbfdf9a55
                                                                                </p>
                                                <h4 id="header647" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content647" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>resources-ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ant</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>resources</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header648" class="subsectionheader white">Identifiers</h4>
                                                <div id="content648" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l302_47eedfa6e872020604db4b2e1949aa6ca273ac6a"></a>org.eclipse.core.runtime-3.9.0.v20130326-1255.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.core.runtime\3.9.0.v20130326-1255\47eedfa6e872020604db4b2e1949aa6ca273ac6a\org.eclipse.core.runtime-3.9.0.v20130326-1255.jar<br/>
                            <b>MD5:</b>&nbsp;0dde7c81b2e6278cdd4a4b4821a54419<br/>
                            <b>SHA1:</b>&nbsp;47eedfa6e872020604db4b2e1949aa6ca273ac6a
                                                                                </p>
                                                <h4 id="header649" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content649" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.core.runtime</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.9.0.v20130326-1255</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.core.runtime-3.9.0.v20130326-1255</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.9.0.v20130326</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.core.runtime; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.9.0.v20130326-1255</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.osgi;bundle-version=&quot;[3.7.0,4.0.0)&quot;;visibility:=reexport,org.eclipse.equinox.common;bundle-version=&quot;[3.6.100,4.0.0)&quot;;visibility:=reexport,org.eclipse.core.jobs;bundle-version=&quot;[3.2.0,4.0.0)&quot;;visibility:=reexport,org.eclipse.equinox.registry;bundle-version=&quot;[3.4.0,4.0.0)&quot;;visibility:=reexport,org.eclipse.equinox.preferences;bundle-version=&quot;[3.4.0,4.0.0)&quot;;visibility:=reexport,org.eclipse.core.contenttype;bundle-version=&quot;[3.3.0,4.0.0)&quot;;visibility:=reexport,org.eclipse.core.runtime.compatibility.auth;bundle-version=&quot;[3.2.0,4.0.0)&quot;;resolution:=optional,org.eclipse.equinox.app;bundle-version=&quot;1.0.0&quot;;visibility:=reexport</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.core.runtime</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.core.runtime_3.9.0.v20130326-1255.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.9.0.v20130326-1255</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header650" class="subsectionheader white">Identifiers</h4>
                                                <div id="content650" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.9.0.v20130326
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.core.runtime-3.9.0.v20130326-1255.jar', '47eedfa6e872020604db4b2e1949aa6ca273ac6a', 'cpe', 'cpe:/a:eclipse:birt:3.9.0.v20130326')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.core.runtime/3.9.0.v20130326-1255/org.eclipse.core.runtime-3.9.0.v20130326-1255.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.core.runtime:3.9.0.v20130326-1255</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l303_be66d744ac0e8f011055c37eb6c0b0b8de2d0978"></a>org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.apache.derby.dbdefinition\1.0.2.v201107221459\be66d744ac0e8f011055c37eb6c0b0b8de2d0978\org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar<br/>
                            <b>MD5:</b>&nbsp;4d3e4a2cbaabc2bfa5aefb557d61ae37<br/>
                            <b>SHA1:</b>&nbsp;be66d744ac0e8f011055c37eb6c0b0b8de2d0978
                                                                                </p>
                                                <h4 id="header651" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content651" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.apache.derby.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2.v201107221459</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2.v20110722</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.apache.derby.dbdefinition;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.2.v201107221459</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.apache.derby.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.apache.derby.dbdefinition_1.0.2.v201107221459.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2.v201107221459</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header652" class="subsectionheader white">Identifiers</h4>
                                                <div id="content652" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:derby:1.0.2.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar', 'be66d744ac0e8f011055c37eb6c0b0b8de2d0978', 'cpe', 'cpe:/a:apache:derby:1.0.2.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.apache.derby.dbdefinition/1.0.2.v201107221459/org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.apache.derby.dbdefinition:1.0.2.v201107221459</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header653" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content653" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1832">CVE-2015-1832</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar', 'be66d744ac0e8f011055c37eb6c0b0b8de2d0978', 'cve', 'CVE-2015-1832')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/93132">93132</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21990100">http://www-01.ibm.com/support/docview.wss?uid=swg21990100</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/DERBY-6807">https://issues.apache.org/jira/browse/DERBY-6807</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://svn.apache.org/viewvc?view=revision&amp;revision=1691461">https://svn.apache.org/viewvc?view=revision&revision=1691461</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs148"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.12.1">cpe:/a:apache:derby:10.12.1</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4269">CVE-2009-4269</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar', 'be66d744ac0e8f011055c37eb6c0b0b8de2d0978', 'cve', 'CVE-2009-4269')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-310 Cryptographic Issues
                            </p>
                            <p>The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/42637">42637</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269">http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html">http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/DERBY-4483">https://issues.apache.org/jira/browse/DERBY-4483</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://blogs.sun.com/kah/entry/derby_10_6_1_has">http://blogs.sun.com/kah/entry/derby_10_6_1_has</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://marcellmajor.com/derbyhash.html">http://marcellmajor.com/derbyhash.html</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=apache-db-general&amp;m=127428514905504&amp;w=1">[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1024977">1024977</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0149">ADV-2011-0149</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs149"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.5.3.0">cpe:/a:apache:derby:10.5.3.0</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4849">CVE-2005-4849</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby.dbdefinition-1.0.2.v201107221459.jar', 'be66d744ac0e8f011055c37eb6c0b0b8de2d0978', 'cve', 'CVE-2005-4849')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://db.apache.org/derby/releases/release-10.1.2.1.html">http://db.apache.org/derby/releases/release-10.1.2.1.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/jira/browse/DERBY-530">http://issues.apache.org/jira/browse/DERBY-530</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/jira/browse/DERBY-559">http://issues.apache.org/jira/browse/DERBY-559</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs150"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.1.1.0">cpe:/a:apache:derby:10.1.1.0</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l304_2257789d5761585d498d13bb2269c180c970f28d"></a>org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.apache.derby\1.0.103.v201212070447\2257789d5761585d498d13bb2269c180c970f28d\org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar<br/>
                            <b>MD5:</b>&nbsp;b9aeb8aeaa0809e9dc4a15388ec82d8f<br/>
                            <b>SHA1:</b>&nbsp;2257789d5761585d498d13bb2269c180c970f28d
                                                                                </p>
                                                <h4 id="header654" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content654" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.apache.derby</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.103.v201212070447</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.103.v20121207</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.apache.derby;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.103.v201212070447</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.emf.ecore;bundle-version=&quot;[2.2.0,3.0.0)&quot;,org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.core.resources;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.modelbase.dbdefinition;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[0.9.1,1.5.0)&quot;,org.eclipse.datatools.modelbase.derby;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[1.2.2,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.apache.derby</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.apache.derby_1.0.103.v201212070447.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.103.v201212070447</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header655" class="subsectionheader white">Identifiers</h4>
                                                <div id="content655" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:derby:1.0.103.v20121207
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar', '2257789d5761585d498d13bb2269c180c970f28d', 'cpe', 'cpe:/a:apache:derby:1.0.103.v20121207')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.apache.derby/1.0.103.v201212070447/org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.apache.derby:1.0.103.v201212070447</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header656" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content656" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1832">CVE-2015-1832</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar', '2257789d5761585d498d13bb2269c180c970f28d', 'cve', 'CVE-2015-1832')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/93132">93132</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21990100">http://www-01.ibm.com/support/docview.wss?uid=swg21990100</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/DERBY-6807">https://issues.apache.org/jira/browse/DERBY-6807</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://svn.apache.org/viewvc?view=revision&amp;revision=1691461">https://svn.apache.org/viewvc?view=revision&revision=1691461</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs151"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.12.1">cpe:/a:apache:derby:10.12.1</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4269">CVE-2009-4269</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar', '2257789d5761585d498d13bb2269c180c970f28d', 'cve', 'CVE-2009-4269')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-310 Cryptographic Issues
                            </p>
                            <p>The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/42637">42637</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269">http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html">http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/DERBY-4483">https://issues.apache.org/jira/browse/DERBY-4483</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://blogs.sun.com/kah/entry/derby_10_6_1_has">http://blogs.sun.com/kah/entry/derby_10_6_1_has</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://marcellmajor.com/derbyhash.html">http://marcellmajor.com/derbyhash.html</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=apache-db-general&amp;m=127428514905504&amp;w=1">[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1024977">1024977</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0149">ADV-2011-0149</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs152"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.5.3.0">cpe:/a:apache:derby:10.5.3.0</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4849">CVE-2005-4849</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.apache.derby-1.0.103.v201212070447.jar', '2257789d5761585d498d13bb2269c180c970f28d', 'cve', 'CVE-2005-4849')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://db.apache.org/derby/releases/release-10.1.2.1.html">http://db.apache.org/derby/releases/release-10.1.2.1.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/jira/browse/DERBY-530">http://issues.apache.org/jira/browse/DERBY-530</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://issues.apache.org/jira/browse/DERBY-559">http://issues.apache.org/jira/browse/DERBY-559</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs153"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Aderby%3A10.1.1.0">cpe:/a:apache:derby:10.1.1.0</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l305_2c338e35fc23603cea9ebaf5177a0c042f38eea1"></a>org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.console.profile\1.0.10.v201109250955\2c338e35fc23603cea9ebaf5177a0c042f38eea1\org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar<br/>
                            <b>MD5:</b>&nbsp;9b8e7f6c69a0bf165645503775af9154<br/>
                            <b>SHA1:</b>&nbsp;2c338e35fc23603cea9ebaf5177a0c042f38eea1
                                                                                </p>
                                                <h4 id="header657" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content657" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.console.profile</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.10.v201109250955</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.10.v20110925</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>console</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%plugin.name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.console.profile;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.10.v201109250955</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.3.0,4.0.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[1.2.4,2.0.0)&quot;,org.eclipse.datatools.connectivity.oda;bundle-version=&quot;[3.1.2,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.console.profile</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.console.profile_1.0.10.v201109250955.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.10.v201109250955</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header658" class="subsectionheader white">Identifiers</h4>
                                                <div id="content658" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.10.v20110925
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar', '2c338e35fc23603cea9ebaf5177a0c042f38eea1', 'cpe', 'cpe:/a:eclipse:birt:1.0.10.v20110925')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.console.profile/1.0.10.v201109250955/org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.console.profile:1.0.10.v201109250955</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header659" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content659" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.console.profile-1.0.10.v201109250955.jar', '2c338e35fc23603cea9ebaf5177a0c042f38eea1', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs154"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l306_4dd3c5554bea2302448e4201167e36e2bf11d383"></a>org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.db.generic\1.0.1.v201107221459\4dd3c5554bea2302448e4201167e36e2bf11d383\org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar<br/>
                            <b>MD5:</b>&nbsp;43b6a19ecae85c97702103d4e3aad0e2<br/>
                            <b>SHA1:</b>&nbsp;4dd3c5554bea2302448e4201167e36e2bf11d383
                                                                                </p>
                                                <h4 id="header660" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content660" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.db.generic</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1.v201107221459</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>db</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.db.generic; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1.v201107221459</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[0.9.1,1.5.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.db.generic</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.db.generic_1.0.1.v201107221459.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1.v201107221459</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header661" class="subsectionheader white">Identifiers</h4>
                                                <div id="content661" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.1.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar', '4dd3c5554bea2302448e4201167e36e2bf11d383', 'cpe', 'cpe:/a:eclipse:birt:1.0.1.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.db.generic/1.0.1.v201107221459/org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.db.generic:1.0.1.v201107221459</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header662" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content662" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.db.generic-1.0.1.v201107221459.jar', '4dd3c5554bea2302448e4201167e36e2bf11d383', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs155"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l307_1ee4dc13d331d13f2be2f1cb1b62b789c25db9cc"></a>org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.dbdefinition.genericJDBC\1.0.1.v201107221459\1ee4dc13d331d13f2be2f1cb1b62b789c25db9cc\org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar<br/>
                            <b>MD5:</b>&nbsp;6fdf12a21f1fed08aa2588709699aba1<br/>
                            <b>SHA1:</b>&nbsp;1ee4dc13d331d13f2be2f1cb1b62b789c25db9cc
                                                                                </p>
                                                <h4 id="header663" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content663" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.dbdefinition.genericJDBC</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1.v201107221459</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1.v20110722</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.dbdefinition.genericJDBC; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1.v201107221459</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.dbdefinition.genericJDBC</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.dbdefinition.genericJDBC_1.0.1.v201107221459.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1.v201107221459</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header664" class="subsectionheader white">Identifiers</h4>
                                                <div id="content664" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.1.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar', '1ee4dc13d331d13f2be2f1cb1b62b789c25db9cc', 'cpe', 'cpe:/a:eclipse:birt:1.0.1.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.dbdefinition.genericJDBC/1.0.1.v201107221459/org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.dbdefinition.genericJDBC:1.0.1.v201107221459</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header665" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content665" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.dbdefinition.genericJDBC-1.0.1.v201107221459.jar', '1ee4dc13d331d13f2be2f1cb1b62b789c25db9cc', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs156"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l308_45205c69d334dec54f76f8e2a5cacab8accde588"></a>org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.oda.consumer\3.2.6.v201305170644\45205c69d334dec54f76f8e2a5cacab8accde588\org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar<br/>
                            <b>MD5:</b>&nbsp;600a4ccb15bfeb916a514d507e3f6c5d<br/>
                            <b>SHA1:</b>&nbsp;45205c69d334dec54f76f8e2a5cacab8accde588
                                                                                </p>
                                                <h4 id="header666" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content666" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.oda.consumer</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.2.6.v201305170644</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.2.6.v20130517</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>DTP ODA Consumer Helper Component Plug-in</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.oda.consumer;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.2.6.v201305170644</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity.oda;bundle-version=&quot;[3.4.0,4.0.0)&quot;;visibility:=reexport</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.oda.consumer</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.consumer_3.2.6.v201305170644.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.2.6.v201305170644</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header667" class="subsectionheader white">Identifiers</h4>
                                                <div id="content667" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.2.6.v20130517
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar', '45205c69d334dec54f76f8e2a5cacab8accde588', 'cpe', 'cpe:/a:eclipse:birt:3.2.6.v20130517')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.consumer/3.2.6.v201305170644/org.eclipse.datatools.connectivity.oda.consumer-3.2.6.v201305170644.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.consumer:3.2.6.v201305170644</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l309_bce1829458bb7c58200cb72c045d48e82702d0a8"></a>org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.oda.design\3.3.6.v201212070447\bce1829458bb7c58200cb72c045d48e82702d0a8\org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar<br/>
                            <b>MD5:</b>&nbsp;adda38edf0bc609098de5f74d24de2e3<br/>
                            <b>SHA1:</b>&nbsp;bce1829458bb7c58200cb72c045d48e82702d0a8
                                                                                </p>
                                                <h4 id="header668" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content668" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.oda.design</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3.6.v201212070447</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.3.6.v20121207</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.oda.design; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.3.6.v201212070447</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.4.0,4.0.0)&quot;,org.eclipse.emf.ecore;bundle-version=&quot;[2.4.0,3.0.0)&quot;;visibility:=reexport,org.eclipse.emf.ecore.xmi;bundle-version=&quot;[2.4.0,3.0.0)&quot;;visibility:=reexport,com.ibm.icu;bundle-version=&quot;3.4.4&quot;;visibility:=reexport</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.oda.design</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.design_3.3.6.v201212070447.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.3.6.v201212070447</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header669" class="subsectionheader white">Identifiers</h4>
                                                <div id="content669" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.3.6.v20121207
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar', 'bce1829458bb7c58200cb72c045d48e82702d0a8', 'cpe', 'cpe:/a:eclipse:birt:3.3.6.v20121207')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.design/3.3.6.v201212070447/org.eclipse.datatools.connectivity.oda.design-3.3.6.v201212070447.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.design:3.3.6.v201212070447</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l310_3c62f783f8ac17aca5250f2a640dfd85c1df9178"></a>org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.oda.flatfile\3.1.8.v201403010906\3c62f783f8ac17aca5250f2a640dfd85c1df9178\org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar<br/>
                            <b>MD5:</b>&nbsp;3e014761ed380e969a586131b8138f5f<br/>
                            <b>SHA1:</b>&nbsp;3c62f783f8ac17aca5250f2a640dfd85c1df9178
                                                                                </p>
                                                <h4 id="header670" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content670" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.oda.flatfile</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.1.8.v201403010906</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.1.8.v20140301</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%plugin.name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.oda.flatfile; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.1.8.v201403010906</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity.oda;bundle-version=&quot;[3.3.3,4.0.0)&quot;,org.eclipse.datatools.connectivity.oda.profile;bundle-version=&quot;[3.2.7,4.0.0)&quot;;resolution:=optional</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.oda.flatfile</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.flatfile_3.1.8.v201403010906.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.1.8.v201403010906</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header671" class="subsectionheader white">Identifiers</h4>
                                                <div id="content671" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.1.8.v20140301
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar', '3c62f783f8ac17aca5250f2a640dfd85c1df9178', 'cpe', 'cpe:/a:eclipse:birt:3.1.8.v20140301')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.flatfile/3.1.8.v201403010906/org.eclipse.datatools.connectivity.oda.flatfile-3.1.8.v201403010906.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.flatfile:3.1.8.v201403010906</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l311_2f795c899dac80982e95c9e2d5413ef88031cdab"></a>org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.oda.profile\3.2.9.v201403131814\2f795c899dac80982e95c9e2d5413ef88031cdab\org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar<br/>
                            <b>MD5:</b>&nbsp;d6c9ad09ad88bc0daf6b3413d14d546b<br/>
                            <b>SHA1:</b>&nbsp;2f795c899dac80982e95c9e2d5413ef88031cdab
                                                                                </p>
                                                <h4 id="header672" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content672" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.oda.profile</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.2.9.v201403131814</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.2.9.v20140313</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%plugin.name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.oda.profile;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.2.9.v201403131814</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.datatools.connectivity;bundle-version=&quot;[1.2.2,2.0.0)&quot;;visibility:=reexport,org.eclipse.datatools.connectivity.oda.consumer;bundle-version=&quot;[3.2.5,4.0.0)&quot;,org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.oda.profile</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.oda.profile_3.2.9.v201403131814.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.2.9.v201403131814</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header673" class="subsectionheader white">Identifiers</h4>
                                                <div id="content673" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.2.9.v20140313
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar', '2f795c899dac80982e95c9e2d5413ef88031cdab', 'cpe', 'cpe:/a:eclipse:birt:3.2.9.v20140313')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda.profile/3.2.9.v201403131814/org.eclipse.datatools.connectivity.oda.profile-3.2.9.v201403131814.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda.profile:3.2.9.v201403131814</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l312_91fa06c7a97275ea799fec9d557fc60def2e443d"></a>org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.oda\3.4.3.v201405301249\91fa06c7a97275ea799fec9d557fc60def2e443d\org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar<br/>
                            <b>MD5:</b>&nbsp;27cd0708de3587669ce5757e86d90a42<br/>
                            <b>SHA1:</b>&nbsp;91fa06c7a97275ea799fec9d557fc60def2e443d
                                                                                </p>
                                                <h4 id="header674" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content674" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.oda</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.4.3.v201405301249</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.4.3.v20140530</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>DTP Open Data Access</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.oda; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.4.3.v201405301249</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.3.0,4.0.0)&quot;;visibility:=reexport,com.ibm.icu;bundle-version=&quot;3.4.4&quot;;visibility:=reexport</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.oda</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.oda_3.4.3.v201405301249.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.4.3.v201405301249</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header675" class="subsectionheader white">Identifiers</h4>
                                                <div id="content675" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.4.3.v20140530
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar', '91fa06c7a97275ea799fec9d557fc60def2e443d', 'cpe', 'cpe:/a:eclipse:birt:3.4.3.v20140530')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.oda/3.4.3.v201405301249/org.eclipse.datatools.connectivity.oda-3.4.3.v201405301249.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.oda:3.4.3.v201405301249</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l313_c0d3d79971a815a4db6c5b009ada4f0f1f44e043"></a>org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity.sqm.core\1.2.8.v201401230755\c0d3d79971a815a4db6c5b009ada4f0f1f44e043\org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar<br/>
                            <b>MD5:</b>&nbsp;95679c586bf2429199ee06a9ad56a618<br/>
                            <b>SHA1:</b>&nbsp;c0d3d79971a815a4db6c5b009ada4f0f1f44e043
                                                                                </p>
                                                <h4 id="header676" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content676" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity.sqm.core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.8.v201401230755</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.8.v20140123</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sqm</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity.sqm.core; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.8.v201401230755</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.resources;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.emf.ecore.change;bundle-version=&quot;[2.2.0,3.0.0)&quot;,org.eclipse.emf.ecore.xmi;bundle-version=&quot;[2.2.0,3.0.0)&quot;,org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.modelbase.dbdefinition;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[1.2.3,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity.sqm.core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity.sqm.core_1.2.8.v201401230755.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.8.v201401230755</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header677" class="subsectionheader white">Identifiers</h4>
                                                <div id="content677" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.2.8.v20140123
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar', 'c0d3d79971a815a4db6c5b009ada4f0f1f44e043', 'cpe', 'cpe:/a:eclipse:birt:1.2.8.v20140123')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity.sqm.core/1.2.8.v201401230755/org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity.sqm.core:1.2.8.v201401230755</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header678" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content678" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity.sqm.core-1.2.8.v201401230755.jar', 'c0d3d79971a815a4db6c5b009ada4f0f1f44e043', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs157"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l314_2e2f258cf40953e97423343786eed44aaef5e207"></a>org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.connectivity\1.2.11.v201401230755\2e2f258cf40953e97423343786eed44aaef5e207\org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar<br/>
                            <b>MD5:</b>&nbsp;c8631d909028582b83a8df2e9691c6b9<br/>
                            <b>SHA1:</b>&nbsp;2e2f258cf40953e97423343786eed44aaef5e207
                                                                                </p>
                                                <h4 id="header679" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content679" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.connectivity</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.11.v201401230755</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.connectivity-1.2.11.v201401230755</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.11.v20140123</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>connectivity</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Plugin.Name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.connectivity; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.11.v201401230755</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.core.resources;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.connectivity</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.connectivity_1.2.11.v201401230755.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.11.v201401230755</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header680" class="subsectionheader white">Identifiers</h4>
                                                <div id="content680" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.2.11.v20140123
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar', '2e2f258cf40953e97423343786eed44aaef5e207', 'cpe', 'cpe:/a:eclipse:birt:1.2.11.v20140123')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.connectivity/1.2.11.v201401230755/org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.connectivity:1.2.11.v201401230755</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header681" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content681" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.connectivity-1.2.11.v201401230755.jar', '2e2f258cf40953e97423343786eed44aaef5e207', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs158"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l315_aa3214296e97b4dfd14345acea23f2c92e992c36"></a>org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.hsqldb.dbdefinition\1.0.0.v201107221502\aa3214296e97b4dfd14345acea23f2c92e992c36\org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar<br/>
                            <b>MD5:</b>&nbsp;05e41d890be61af0474adb514358d03c<br/>
                            <b>SHA1:</b>&nbsp;aa3214296e97b4dfd14345acea23f2c92e992c36
                                                                                </p>
                                                <h4 id="header682" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content682" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.hsqldb.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.0.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.0.v20110722</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.hsqldb.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.v201107221502</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.hsqldb.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.hsqldb.dbdefinition_1.0.0.v201107221502.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.0.v201107221502</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header683" class="subsectionheader white">Identifiers</h4>
                                                <div id="content683" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar', 'aa3214296e97b4dfd14345acea23f2c92e992c36', 'cpe', 'cpe:/a:eclipse:birt:1.0.0.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.hsqldb.dbdefinition/1.0.0.v201107221502/org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.hsqldb.dbdefinition:1.0.0.v201107221502</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header684" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content684" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.hsqldb.dbdefinition-1.0.0.v201107221502.jar', 'aa3214296e97b4dfd14345acea23f2c92e992c36', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs159"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l316_5f987f4588c989290c038bd70460c36caa972c0b"></a>org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.hsqldb\1.0.0.v201107221502\5f987f4588c989290c038bd70460c36caa972c0b\org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar<br/>
                            <b>MD5:</b>&nbsp;7acc8fad3f0bc091eaa32030fb8cdbf5<br/>
                            <b>SHA1:</b>&nbsp;5f987f4588c989290c038bd70460c36caa972c0b
                                                                                </p>
                                                <h4 id="header685" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content685" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.hsqldb</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.0.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.0.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hsqldb</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.hsqldb;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.v201107221502</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.datatools.connectivity;bundle-version=&quot;[1.0.0,1.5.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[1.0.0,1.5.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[1.0.0,1.5.0)&quot;,org.eclipse.datatools.modelbase.dbdefinition;bundle-version=&quot;[1.0.0,1.5.0)&quot;,org.eclipse.datatools.connectivity.db.generic;bundle-version=&quot;[1.0.0,1.5.0)&quot;,org.eclipse.emf.ecore.xmi</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.hsqldb</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.hsqldb_1.0.0.v201107221502.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.0.v201107221502</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header686" class="subsectionheader white">Identifiers</h4>
                                                <div id="content686" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar', '5f987f4588c989290c038bd70460c36caa972c0b', 'cpe', 'cpe:/a:eclipse:birt:1.0.0.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.hsqldb/1.0.0.v201107221502/org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.hsqldb:1.0.0.v201107221502</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header687" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content687" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.hsqldb-1.0.0.v201107221502.jar', '5f987f4588c989290c038bd70460c36caa972c0b', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs160"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l317_7ba2ad3443244862426b20f2da73bb78c7223287"></a>org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition\1.0.4.v201107221502\7ba2ad3443244862426b20f2da73bb78c7223287\org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar<br/>
                            <b>MD5:</b>&nbsp;a3575eef5353ab6e216804bb4b99d36e<br/>
                            <b>SHA1:</b>&nbsp;7ba2ad3443244862426b20f2da73bb78c7223287
                                                                                </p>
                                                <h4 id="header688" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content688" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.4.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.4.v20110722</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.4.v201107221502</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.ibm.db2.luw.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition_1.0.4.v201107221502.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.4.v201107221502</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header689" class="subsectionheader white">Identifiers</h4>
                                                <div id="content689" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aibm%3Adb2" target="_blank">cpe:/a:ibm:db2:1.0.4.v20110722</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cpe', 'cpe:/a:ibm:db2:1.0.4.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition/1.0.4.v201107221502/org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition:1.0.4.v201107221502</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header690" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content690" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3324">CVE-2012-3324</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2012-3324')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
                            </p>
                            <p>Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC85513">IC85513</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21611040">http://www-01.ibm.com/support/docview.wss?uid=swg21611040</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/77924">db2-utlfile-dir-traversal(77924)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs161', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs161"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                    <li class="vs161">...</li>
                                                                    <li class="vs161 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                                                    <li class="vs161 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2_connect%3A10.1">cpe:/a:ibm:db2_connect:10.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1847">CVE-2011-1847</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2011-1847')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement.  NOTE: some of these details are obtained from third party information.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71413">IC71413</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC72119">IC72119</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/47525">47525</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC71413">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71413</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC72119">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC72119</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/1083">ADV-2011-1083</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/66979">ibm-db2-rds-sec-bypass(66979)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs162', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs162"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                    <li class="vs162">...</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6a">cpe:/a:ibm:db2:9.5:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp2">cpe:/a:ibm:db2:9.7:fp2</a>  and all previous versions</li>
                                                                    <li class="vs162 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp3">cpe:/a:ibm:db2:9.7:fp3</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1846">CVE-2011-1846</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2011-1846')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757.  NOTE: some of these details are obtained from third party information.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263">IC71263</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375">IC71375</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/47525">47525</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC71263">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC71375">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/1083">ADV-2011-1083</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/66980">db2-data-services-sec-bypass(66980)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs163', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs163"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                    <li class="vs163">...</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6a">cpe:/a:ibm:db2:9.5:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp2">cpe:/a:ibm:db2:9.7:fp2</a>  and all previous versions</li>
                                                                    <li class="vs163 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp3">cpe:/a:ibm:db2:9.7:fp3</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1373">CVE-2011-1373</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2011-1373')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 1.5 (AV:L/AC:M/Au:S/C:N/I:N/A:P)
                            </p>
                            <p>Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC70473">IC70473</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/71043">db2-stmm-dos(71043)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs164', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs164"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.4">cpe:/a:ibm:db2:9.7.0.4</a>  and all previous versions</li>
                                    <li class="vs164">...</li>
                                                                    <li class="vs164 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.1">cpe:/a:ibm:db2:9.7.0.1</a> </li>
                                                                    <li class="vs164 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.2">cpe:/a:ibm:db2:9.7.0.2</a> </li>
                                                                    <li class="vs164 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.3">cpe:/a:ibm:db2:9.7.0.3</a> </li>
                                                                    <li class="vs164 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.4">cpe:/a:ibm:db2:9.7.0.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0757">CVE-2011-0757</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2011-0757')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1IC66811">IC66811</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1IC66814">IC66814</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1IC66815">IC66815</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/46064">46064</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC66811">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66811</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC66814">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC66815">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66815</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg21426108">http://www.ibm.com/support/docview.wss?uid=swg21426108</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/65008">ibm-db2-dbadm-priv-esc(65008)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs165', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs165"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs165">...</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2a">cpe:/a:ibm:db2:9.1:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7">cpe:/a:ibm:db2:9.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7a">cpe:/a:ibm:db2:9.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp8">cpe:/a:ibm:db2:9.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp9">cpe:/a:ibm:db2:9.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs165 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0731">CVE-2011-0731</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2011-0731')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71203">IC71203</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC72028">IC72028</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC72029">IC72029</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/46052">46052</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs166', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs166"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs166">...</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2a">cpe:/a:ibm:db2:9.1:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7">cpe:/a:ibm:db2:9.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7a">cpe:/a:ibm:db2:9.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp8">cpe:/a:ibm:db2:9.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp9">cpe:/a:ibm:db2:9.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6a">cpe:/a:ibm:db2:9.5:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                    <li class="vs166 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp2">cpe:/a:ibm:db2:9.7:fp2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1560">CVE-2010-1560</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2010-1560')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922">IC65922</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21426108">http://www-01.ibm.com/support/docview.wss?uid=swg21426108</a></li>
                                                                            <li>VIM - <a target="_blank" href="http://attrition.org/pipermail/vim/2010-April/002341.html">20100423 IBM 'REPEAT' BoF advisory - APAR IC65922</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/0982">ADV-2010-0982</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/58070">db2-repeat-dos(58070)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs167', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs167"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs167">...</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7">cpe:/a:ibm:db2:9.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7a">cpe:/a:ibm:db2:9.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs167 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp8">cpe:/a:ibm:db2:9.1:fp8</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2860">CVE-2009-2860</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2009-2860')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via &quot;malicious packets.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg24024075">http://www-01.ibm.com/support/docview.wss?uid=swg24024075</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/2293">ADV-2009-2293</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs168', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs168"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs168">...</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17">cpe:/a:ibm:db2:8.1:fp17</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17a">cpe:/a:ibm:db2:8.1:fp17a</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4a">cpe:/a:ibm:db2:8.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6a">cpe:/a:ibm:db2:8.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6b">cpe:/a:ibm:db2:8.1:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6c">cpe:/a:ibm:db2:8.1:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7a">cpe:/a:ibm:db2:8.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8a">cpe:/a:ibm:db2:8.1:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs168 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9a">cpe:/a:ibm:db2:8.1:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2859">CVE-2009-2859</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2009-2859')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access via a das command.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg24024075">http://www-01.ibm.com/support/docview.wss?uid=swg24024075</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/2293">ADV-2009-2293</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs169', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs169"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs169">...</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17">cpe:/a:ibm:db2:8.1:fp17</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17a">cpe:/a:ibm:db2:8.1:fp17a</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4a">cpe:/a:ibm:db2:8.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6a">cpe:/a:ibm:db2:8.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6b">cpe:/a:ibm:db2:8.1:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6c">cpe:/a:ibm:db2:8.1:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7a">cpe:/a:ibm:db2:8.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8a">cpe:/a:ibm:db2:8.1:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs169 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9a">cpe:/a:ibm:db2:8.1:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2858">CVE-2009-2858</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2009-2858')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IZ35635">IZ35635</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg24024075">http://www-01.ibm.com/support/docview.wss?uid=swg24024075</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs170', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs170"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs170">...</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17">cpe:/a:ibm:db2:8.1:fp17</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17a">cpe:/a:ibm:db2:8.1:fp17a</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4a">cpe:/a:ibm:db2:8.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6a">cpe:/a:ibm:db2:8.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6b">cpe:/a:ibm:db2:8.1:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6c">cpe:/a:ibm:db2:8.1:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7a">cpe:/a:ibm:db2:8.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8a">cpe:/a:ibm:db2:8.1:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs170 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9a">cpe:/a:ibm:db2:8.1:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1905">CVE-2009-1905</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2009-1905')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR32268">JR32268</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR32272">JR32272</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR32273">JR32273</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/35171">35171</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36540">36540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21293566">http://www-01.ibm.com/support/docview.wss?uid=swg21293566</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21318189">http://www-01.ibm.com/support/docview.wss?uid=swg21318189</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21386689">http://www-01.ibm.com/support/docview.wss?uid=swg21386689</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1022319">1022319</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/50909">ibmdb2-ldap-security-bypass(50909)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs171', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs171"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs171">...</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afix_pack15">cpe:/a:ibm:db2:8.0:fix_pack15</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp1">cpe:/a:ibm:db2:8.0:fp1</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp16">cpe:/a:ibm:db2:8.0:fp16</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs171 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1239">CVE-2009-1239</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2009-1239')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886">JR31886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21381257">http://www-01.ibm.com/support/docview.wss?uid=swg21381257</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0912">ADV-2009-0912</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/49864">db2-predicate-information-disclosure(49864)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs172', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs172"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs172">...</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aconnect_server">cpe:/a:ibm:db2:9.1::connect_server</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aenterprise_server">cpe:/a:ibm:db2:9.1::enterprise_server</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aexpress_server">cpe:/a:ibm:db2:9.1::express_server</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Apersonal">cpe:/a:ibm:db2:9.1::personal</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aworkgroup_server">cpe:/a:ibm:db2:9.1::workgroup_server</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a> </li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1%3Aunix">cpe:/a:ibm:db2:9.1:fp1:unix</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1%3Awindows">cpe:/a:ibm:db2:9.1:fp1:windows</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs172 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4693">CVE-2008-4693</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-4693')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading &quot;PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27013892">http://www-01.ibm.com/support/docview.wss?uid=swg27013892</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2893">ADV-2008-2893</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/46022">ibm-db2-sortlist-info-disclosure(46022)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs173', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs173"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs173">...</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs173 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4692">CVE-2008-4692</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-4692')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                            </p>
                            <p>The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27013892">http://www-01.ibm.com/support/docview.wss?uid=swg27013892</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2893">ADV-2008-2893</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/46021">ibm-db2-native-managed-unspecified(46021)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs174', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs174"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                    <li class="vs174">...</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp1">cpe:/a:ibm:db2:8.0:fp1</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp16">cpe:/a:ibm:db2:8.0:fp16</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp2">cpe:/a:ibm:db2:8.0:fp2</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp3">cpe:/a:ibm:db2:8.0:fp3</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4">cpe:/a:ibm:db2:8.0:fp4</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4a">cpe:/a:ibm:db2:8.0:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp5">cpe:/a:ibm:db2:8.0:fp5</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6">cpe:/a:ibm:db2:8.0:fp6</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6a">cpe:/a:ibm:db2:8.0:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6b">cpe:/a:ibm:db2:8.0:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6c">cpe:/a:ibm:db2:8.0:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7">cpe:/a:ibm:db2:8.0:fp7</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7a">cpe:/a:ibm:db2:8.0:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8">cpe:/a:ibm:db2:8.0:fp8</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8a">cpe:/a:ibm:db2:8.0:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9">cpe:/a:ibm:db2:8.0:fp9</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9a">cpe:/a:ibm:db2:8.0:fp9a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs174 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4691">CVE-2008-4691</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-4691')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1LI73364">LI73364</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27013892">http://www-01.ibm.com/support/docview.wss?uid=swg27013892</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2893">ADV-2008-2893</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs175', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs175"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs175">...</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs175 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3959">CVE-2008-3959</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-3959')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05043">IZ05043</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.appsecinc.com/resources/alerts/db2/2008-01.shtml">http://www.appsecinc.com/resources/alerts/db2/2008-01.shtml</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/45134">ibm-db2-connect-attach-dos2(45134)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs176', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs176"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs176">...</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2">cpe:/a:ibm:db2:8.2</a> </li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp1">cpe:/a:ibm:db2:8.2:fp1</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp2">cpe:/a:ibm:db2:8.2:fp2</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp3">cpe:/a:ibm:db2:8.2:fp3</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp4">cpe:/a:ibm:db2:8.2:fp4</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp5">cpe:/a:ibm:db2:8.2:fp5</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp6">cpe:/a:ibm:db2:8.2:fp6</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp7">cpe:/a:ibm:db2:8.2:fp7</a>  and all previous versions</li>
                                                                    <li class="vs176 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp8">cpe:/a:ibm:db2:8.2:fp8</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3958">CVE-2008-3958</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-3958')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.  NOTE: this may overlap CVE-2008-3858.  NOTE: this issue exists because of an incomplete fix for CVE-2008-3959.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08134">IZ08134</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31058">31058</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/45133">ibm-db2-connect-attach-dos1(45133)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs177', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs177"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                    <li class="vs177">...</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0">cpe:/a:ibm:db2:8.0</a> </li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp16">cpe:/a:ibm:db2:8.0:fp16</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp2">cpe:/a:ibm:db2:8.0:fp2</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp3">cpe:/a:ibm:db2:8.0:fp3</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4">cpe:/a:ibm:db2:8.0:fp4</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp5">cpe:/a:ibm:db2:8.0:fp5</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6">cpe:/a:ibm:db2:8.0:fp6</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6a">cpe:/a:ibm:db2:8.0:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6b">cpe:/a:ibm:db2:8.0:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6c">cpe:/a:ibm:db2:8.0:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7">cpe:/a:ibm:db2:8.0:fp7</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7a">cpe:/a:ibm:db2:8.0:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8">cpe:/a:ibm:db2:8.0:fp8</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8a">cpe:/a:ibm:db2:8.0:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9">cpe:/a:ibm:db2:8.0:fp9</a>  and all previous versions</li>
                                                                    <li class="vs177 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9a">cpe:/a:ibm:db2:8.0:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1998">CVE-2008-1998</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-1998')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)
                            </p>
                            <p>The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06976">IZ06976</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06977">IZ06977</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10776">IZ10776</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/28836">28836</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/491073/100/0/threaded">20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.appsecinc.com/resources/alerts/db2/2008-03.shtml">http://www.appsecinc.com/resources/alerts/db2/2008-03.shtml</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/3840">3840</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/41960">ibm-db2-nnstat-file-overwrite(41960)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs178', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs178"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                    <li class="vs178">...</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp1">cpe:/a:ibm:db2:8.0:fp1</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp2">cpe:/a:ibm:db2:8.0:fp2</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp3">cpe:/a:ibm:db2:8.0:fp3</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4">cpe:/a:ibm:db2:8.0:fp4</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp5">cpe:/a:ibm:db2:8.0:fp5</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6">cpe:/a:ibm:db2:8.0:fp6</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6a">cpe:/a:ibm:db2:8.0:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6b">cpe:/a:ibm:db2:8.0:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6c">cpe:/a:ibm:db2:8.0:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7">cpe:/a:ibm:db2:8.0:fp7</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7a">cpe:/a:ibm:db2:8.0:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8">cpe:/a:ibm:db2:8.0:fp8</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8a">cpe:/a:ibm:db2:8.0:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9">cpe:/a:ibm:db2:8.0:fp9</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9a">cpe:/a:ibm:db2:8.0:fp9a</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Afp3">cpe:/a:ibm:db2:9.1::fp3</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs178 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0699">CVE-2008-0699</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2008-0699')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
                            </p>
                            <p>Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972">IZ06972</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973">IZ06973</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917">IZ10917</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/491075/100/0/threaded">20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml">http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0401">ADV-2008-0401</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs179', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs179"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                    <li class="vs179">...</li>
                                                                    <li class="vs179 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2_fixpack15">cpe:/a:ibm:db2:8.2_fixpack15</a>  and all previous versions</li>
                                                                    <li class="vs179 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs179 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5652">CVE-2007-5652</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2007-5652')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1LI72519">LI72519</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26450">26450</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?rs=71&amp;uid=swg21283031">http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg21255607">http://www-1.ibm.com/support/docview.wss?uid=swg21255607</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3538">ADV-2007-3538</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3867">ADV-2007-3867</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs180', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs180"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs180">...</li>
                                                                    <li class="vs180 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs180 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs180 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2a">cpe:/a:ibm:db2:9.1:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs180 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs180 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5090">CVE-2007-5090</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2007-5090')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25810">25810</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg21268116">http://www-1.ibm.com/support/docview.wss?uid=swg21268116</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018735">1018735</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3264">ADV-2007-3264</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/36771">clearquest-unspecified-data-manipulation(36771)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs181', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs181"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                    <li class="vs181">...</li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A5.00">cpe:/a:ibm:rational_clearquest:5.00</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A5.20">cpe:/a:ibm:rational_clearquest:5.20</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.00">cpe:/a:ibm:rational_clearquest:6.00</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.12">cpe:/a:ibm:rational_clearquest:6.12</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.13">cpe:/a:ibm:rational_clearquest:6.13</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.14">cpe:/a:ibm:rational_clearquest:6.14</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.15">cpe:/a:ibm:rational_clearquest:6.15</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.16">cpe:/a:ibm:rational_clearquest:6.16</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A7.0">cpe:/a:ibm:rational_clearquest:7.0</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A7.0.0.1">cpe:/a:ibm:rational_clearquest:7.0.0.1</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A7.0.1">cpe:/a:ibm:rational_clearquest:7.0.1</a> </li>
                                                                    <li class="vs181 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Asql_server">cpe:/a:microsoft:sql_server</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3676">CVE-2007-3676</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2007-3676')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698.
                                                                    <ul>
                                                                            <li>IDEFENSE - <a target="_blank" href="http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654">20080207 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1019318">1019318</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs182', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs182"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.0%3Afix_pack3a">cpe:/a:ibm:db2:9.0:fix_pack3a</a>  and all previous versions</li>
                                    <li class="vs182">...</li>
                                                                    <li class="vs182 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afix_pack15">cpe:/a:ibm:db2:8.0:fix_pack15</a>  and all previous versions</li>
                                                                    <li class="vs182 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.0%3Afix_pack3a">cpe:/a:ibm:db2:9.0:fix_pack3a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2582">CVE-2007-2582</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition-1.0.4.v201107221502.jar', '7ba2ad3443244862426b20f2da73bb78c7223287', 'cve', 'CVE-2007-2582')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a &quot;MemTree overflow.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/23890">23890</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26010">26010</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/482024/100/0/threaded">20071010 ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.zerodayinitiative.com/advisories/ZDI-07-056.html">http://www.zerodayinitiative.com/advisories/ZDI-07-056.html</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018029">1018029</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018801">1018801</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1707">ADV-2007-1707</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34184">db2-db2jdbc-bo(34184)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs183"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.0">cpe:/a:ibm:db2:9.0</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l318_3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d"></a>org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.ibm.db2.luw\1.0.2.v201107221502\3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d\org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar<br/>
                            <b>MD5:</b>&nbsp;e38c42056dcd4e9928c7f477d936a919<br/>
                            <b>SHA1:</b>&nbsp;3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d
                                                                                </p>
                                                <h4 id="header691" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content691" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.ibm.db2.luw</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ibm</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.ibm.db2.luw;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.2.v201107221502</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.datatools.connectivity;bundle-version=&quot;[1.0.1,2.0.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[1.0.1,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.ibm.db2.luw</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.db2.luw_1.0.2.v201107221502.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2.v201107221502</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header692" class="subsectionheader white">Identifiers</h4>
                                                <div id="content692" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aibm%3Adb2" target="_blank">cpe:/a:ibm:db2:1.0.2.v20110722</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cpe', 'cpe:/a:ibm:db2:1.0.2.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.db2.luw/1.0.2.v201107221502/org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.db2.luw:1.0.2.v201107221502</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header693" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content693" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3324">CVE-2012-3324</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2012-3324')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
                            </p>
                            <p>Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC85513">IC85513</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21611040">http://www-01.ibm.com/support/docview.wss?uid=swg21611040</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/77924">db2-utlfile-dir-traversal(77924)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs184', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs184"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                    <li class="vs184">...</li>
                                                                    <li class="vs184 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                                                    <li class="vs184 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2_connect%3A10.1">cpe:/a:ibm:db2_connect:10.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1847">CVE-2011-1847</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2011-1847')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement.  NOTE: some of these details are obtained from third party information.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71413">IC71413</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC72119">IC72119</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/47525">47525</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC71413">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71413</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC72119">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC72119</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/1083">ADV-2011-1083</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/66979">ibm-db2-rds-sec-bypass(66979)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs185', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs185"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                    <li class="vs185">...</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6a">cpe:/a:ibm:db2:9.5:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp2">cpe:/a:ibm:db2:9.7:fp2</a>  and all previous versions</li>
                                                                    <li class="vs185 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp3">cpe:/a:ibm:db2:9.7:fp3</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1846">CVE-2011-1846</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2011-1846')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757.  NOTE: some of these details are obtained from third party information.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263">IC71263</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375">IC71375</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/47525">47525</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC71263">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC71375">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/1083">ADV-2011-1083</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/66980">db2-data-services-sec-bypass(66980)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs186', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs186"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                    <li class="vs186">...</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6a">cpe:/a:ibm:db2:9.5:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp2">cpe:/a:ibm:db2:9.7:fp2</a>  and all previous versions</li>
                                                                    <li class="vs186 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp3">cpe:/a:ibm:db2:9.7:fp3</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1373">CVE-2011-1373</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2011-1373')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 1.5 (AV:L/AC:M/Au:S/C:N/I:N/A:P)
                            </p>
                            <p>Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC70473">IC70473</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/71043">db2-stmm-dos(71043)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs187', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs187"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.4">cpe:/a:ibm:db2:9.7.0.4</a>  and all previous versions</li>
                                    <li class="vs187">...</li>
                                                                    <li class="vs187 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.1">cpe:/a:ibm:db2:9.7.0.1</a> </li>
                                                                    <li class="vs187 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.2">cpe:/a:ibm:db2:9.7.0.2</a> </li>
                                                                    <li class="vs187 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.3">cpe:/a:ibm:db2:9.7.0.3</a> </li>
                                                                    <li class="vs187 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7.0.4">cpe:/a:ibm:db2:9.7.0.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0757">CVE-2011-0757</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2011-0757')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1IC66811">IC66811</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1IC66814">IC66814</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1IC66815">IC66815</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/46064">46064</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC66811">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66811</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC66814">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?crawler=1&amp;uid=swg1IC66815">http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC66815</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg21426108">http://www.ibm.com/support/docview.wss?uid=swg21426108</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/65008">ibm-db2-dbadm-priv-esc(65008)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs188', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs188"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs188">...</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2a">cpe:/a:ibm:db2:9.1:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7">cpe:/a:ibm:db2:9.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7a">cpe:/a:ibm:db2:9.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp8">cpe:/a:ibm:db2:9.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp9">cpe:/a:ibm:db2:9.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs188 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0731">CVE-2011-0731</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2011-0731')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC71203">IC71203</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC72028">IC72028</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC72029">IC72029</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/46052">46052</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs189', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs189"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs189">...</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2a">cpe:/a:ibm:db2:9.1:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7">cpe:/a:ibm:db2:9.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7a">cpe:/a:ibm:db2:9.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp8">cpe:/a:ibm:db2:9.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp9">cpe:/a:ibm:db2:9.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2">cpe:/a:ibm:db2:9.5:fp2</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp2a">cpe:/a:ibm:db2:9.5:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3">cpe:/a:ibm:db2:9.5:fp3</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3a">cpe:/a:ibm:db2:9.5:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp3b">cpe:/a:ibm:db2:9.5:fp3b</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4">cpe:/a:ibm:db2:9.5:fp4</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp4a">cpe:/a:ibm:db2:9.5:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp5">cpe:/a:ibm:db2:9.5:fp5</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6">cpe:/a:ibm:db2:9.5:fp6</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp6a">cpe:/a:ibm:db2:9.5:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7">cpe:/a:ibm:db2:9.7</a> </li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp1">cpe:/a:ibm:db2:9.7:fp1</a>  and all previous versions</li>
                                                                    <li class="vs189 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.7%3Afp2">cpe:/a:ibm:db2:9.7:fp2</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1560">CVE-2010-1560</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2010-1560')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922">IC65922</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21426108">http://www-01.ibm.com/support/docview.wss?uid=swg21426108</a></li>
                                                                            <li>VIM - <a target="_blank" href="http://attrition.org/pipermail/vim/2010-April/002341.html">20100423 IBM 'REPEAT' BoF advisory - APAR IC65922</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/0982">ADV-2010-0982</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/58070">db2-repeat-dos(58070)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs190', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs190"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs190">...</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7">cpe:/a:ibm:db2:9.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp7a">cpe:/a:ibm:db2:9.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs190 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp8">cpe:/a:ibm:db2:9.1:fp8</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2860">CVE-2009-2860</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2009-2860')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via &quot;malicious packets.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg24024075">http://www-01.ibm.com/support/docview.wss?uid=swg24024075</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/2293">ADV-2009-2293</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs191', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs191"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs191">...</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17">cpe:/a:ibm:db2:8.1:fp17</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17a">cpe:/a:ibm:db2:8.1:fp17a</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4a">cpe:/a:ibm:db2:8.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6a">cpe:/a:ibm:db2:8.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6b">cpe:/a:ibm:db2:8.1:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6c">cpe:/a:ibm:db2:8.1:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7a">cpe:/a:ibm:db2:8.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8a">cpe:/a:ibm:db2:8.1:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs191 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9a">cpe:/a:ibm:db2:8.1:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2859">CVE-2009-2859</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2009-2859')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access via a das command.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg24024075">http://www-01.ibm.com/support/docview.wss?uid=swg24024075</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/2293">ADV-2009-2293</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs192', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs192"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs192">...</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17">cpe:/a:ibm:db2:8.1:fp17</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17a">cpe:/a:ibm:db2:8.1:fp17a</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4a">cpe:/a:ibm:db2:8.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6a">cpe:/a:ibm:db2:8.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6b">cpe:/a:ibm:db2:8.1:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6c">cpe:/a:ibm:db2:8.1:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7a">cpe:/a:ibm:db2:8.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8a">cpe:/a:ibm:db2:8.1:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs192 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9a">cpe:/a:ibm:db2:8.1:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2858">CVE-2009-2858</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2009-2858')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1IZ35635">IZ35635</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg24024075">http://www-01.ibm.com/support/docview.wss?uid=swg24024075</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs193', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs193"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs193">...</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17">cpe:/a:ibm:db2:8.1:fp17</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp17a">cpe:/a:ibm:db2:8.1:fp17a</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4a">cpe:/a:ibm:db2:8.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6a">cpe:/a:ibm:db2:8.1:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6b">cpe:/a:ibm:db2:8.1:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6c">cpe:/a:ibm:db2:8.1:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7a">cpe:/a:ibm:db2:8.1:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8a">cpe:/a:ibm:db2:8.1:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs193 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9a">cpe:/a:ibm:db2:8.1:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1905">CVE-2009-1905</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2009-1905')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-287 Improper Authentication
                            </p>
                            <p>The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR32268">JR32268</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR32272">JR32272</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR32273">JR32273</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/35171">35171</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36540">36540</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21293566">http://www-01.ibm.com/support/docview.wss?uid=swg21293566</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21318189">http://www-01.ibm.com/support/docview.wss?uid=swg21318189</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21386689">http://www-01.ibm.com/support/docview.wss?uid=swg21386689</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1022319">1022319</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/50909">ibmdb2-ldap-security-bypass(50909)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs194', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs194"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs194">...</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afix_pack15">cpe:/a:ibm:db2:8.0:fix_pack15</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp1">cpe:/a:ibm:db2:8.0:fp1</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp16">cpe:/a:ibm:db2:8.0:fp16</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs194 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1239">CVE-2009-1239</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2009-1239')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886">JR31886</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21381257">http://www-01.ibm.com/support/docview.wss?uid=swg21381257</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0912">ADV-2009-0912</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/49864">db2-predicate-information-disclosure(49864)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs195', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs195"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                    <li class="vs195">...</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aconnect_server">cpe:/a:ibm:db2:9.1::connect_server</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aenterprise_server">cpe:/a:ibm:db2:9.1::enterprise_server</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aexpress_server">cpe:/a:ibm:db2:9.1::express_server</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Apersonal">cpe:/a:ibm:db2:9.1::personal</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Aworkgroup_server">cpe:/a:ibm:db2:9.1::workgroup_server</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a> </li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1%3Aunix">cpe:/a:ibm:db2:9.1:fp1:unix</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1%3Awindows">cpe:/a:ibm:db2:9.1:fp1:windows</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6">cpe:/a:ibm:db2:9.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs195 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp6a">cpe:/a:ibm:db2:9.1:fp6a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4693">CVE-2008-4693</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-4693')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading &quot;PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27013892">http://www-01.ibm.com/support/docview.wss?uid=swg27013892</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2893">ADV-2008-2893</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/46022">ibm-db2-sortlist-info-disclosure(46022)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs196', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs196"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs196">...</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs196 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4692">CVE-2008-4692</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-4692')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                            </p>
                            <p>The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27013892">http://www-01.ibm.com/support/docview.wss?uid=swg27013892</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2893">ADV-2008-2893</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/46021">ibm-db2-native-managed-unspecified(46021)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs197', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs197"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                    <li class="vs197">...</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp1">cpe:/a:ibm:db2:8.0:fp1</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp16">cpe:/a:ibm:db2:8.0:fp16</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp2">cpe:/a:ibm:db2:8.0:fp2</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp3">cpe:/a:ibm:db2:8.0:fp3</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4">cpe:/a:ibm:db2:8.0:fp4</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4a">cpe:/a:ibm:db2:8.0:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp5">cpe:/a:ibm:db2:8.0:fp5</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6">cpe:/a:ibm:db2:8.0:fp6</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6a">cpe:/a:ibm:db2:8.0:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6b">cpe:/a:ibm:db2:8.0:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6c">cpe:/a:ibm:db2:8.0:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7">cpe:/a:ibm:db2:8.0:fp7</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7a">cpe:/a:ibm:db2:8.0:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8">cpe:/a:ibm:db2:8.0:fp8</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8a">cpe:/a:ibm:db2:8.0:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9">cpe:/a:ibm:db2:8.0:fp9</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9a">cpe:/a:ibm:db2:8.0:fp9a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a> </li>
                                                                    <li class="vs197 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5%3Afp1">cpe:/a:ibm:db2:9.5:fp1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4691">CVE-2008-4691</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-4691')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg1LI73364">LI73364</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg27013892">http://www-01.ibm.com/support/docview.wss?uid=swg27013892</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2893">ADV-2008-2893</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs198', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs198"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs198">...</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1">cpe:/a:ibm:db2:9.1</a> </li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4a">cpe:/a:ibm:db2:9.1:fp4a</a>  and all previous versions</li>
                                                                    <li class="vs198 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp5">cpe:/a:ibm:db2:9.1:fp5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3959">CVE-2008-3959</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-3959')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05043">IZ05043</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.appsecinc.com/resources/alerts/db2/2008-01.shtml">http://www.appsecinc.com/resources/alerts/db2/2008-01.shtml</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/45134">ibm-db2-connect-attach-dos2(45134)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs199', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs199"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                    <li class="vs199">...</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp1">cpe:/a:ibm:db2:8.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp10">cpe:/a:ibm:db2:8.1:fp10</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp11">cpe:/a:ibm:db2:8.1:fp11</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp12">cpe:/a:ibm:db2:8.1:fp12</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp13">cpe:/a:ibm:db2:8.1:fp13</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp14">cpe:/a:ibm:db2:8.1:fp14</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp15">cpe:/a:ibm:db2:8.1:fp15</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp2">cpe:/a:ibm:db2:8.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp3">cpe:/a:ibm:db2:8.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp4">cpe:/a:ibm:db2:8.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp5">cpe:/a:ibm:db2:8.1:fp5</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp6">cpe:/a:ibm:db2:8.1:fp6</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp7">cpe:/a:ibm:db2:8.1:fp7</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp8">cpe:/a:ibm:db2:8.1:fp8</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.1%3Afp9">cpe:/a:ibm:db2:8.1:fp9</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2">cpe:/a:ibm:db2:8.2</a> </li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp1">cpe:/a:ibm:db2:8.2:fp1</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp2">cpe:/a:ibm:db2:8.2:fp2</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp3">cpe:/a:ibm:db2:8.2:fp3</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp4">cpe:/a:ibm:db2:8.2:fp4</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp5">cpe:/a:ibm:db2:8.2:fp5</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp6">cpe:/a:ibm:db2:8.2:fp6</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp7">cpe:/a:ibm:db2:8.2:fp7</a>  and all previous versions</li>
                                                                    <li class="vs199 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2%3Afp8">cpe:/a:ibm:db2:8.2:fp8</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3958">CVE-2008-3958</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-3958')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.  NOTE: this may overlap CVE-2008-3858.  NOTE: this issue exists because of an incomplete fix for CVE-2008-3959.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08134">IZ08134</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31058">31058</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/45133">ibm-db2-connect-attach-dos1(45133)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs200', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs200"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                    <li class="vs200">...</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0">cpe:/a:ibm:db2:8.0</a> </li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp16">cpe:/a:ibm:db2:8.0:fp16</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp2">cpe:/a:ibm:db2:8.0:fp2</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp3">cpe:/a:ibm:db2:8.0:fp3</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4">cpe:/a:ibm:db2:8.0:fp4</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp5">cpe:/a:ibm:db2:8.0:fp5</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6">cpe:/a:ibm:db2:8.0:fp6</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6a">cpe:/a:ibm:db2:8.0:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6b">cpe:/a:ibm:db2:8.0:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6c">cpe:/a:ibm:db2:8.0:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7">cpe:/a:ibm:db2:8.0:fp7</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7a">cpe:/a:ibm:db2:8.0:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8">cpe:/a:ibm:db2:8.0:fp8</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8a">cpe:/a:ibm:db2:8.0:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9">cpe:/a:ibm:db2:8.0:fp9</a>  and all previous versions</li>
                                                                    <li class="vs200 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9a">cpe:/a:ibm:db2:8.0:fp9a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1998">CVE-2008-1998</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-1998')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)
                            </p>
                            <p>The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06976">IZ06976</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06977">IZ06977</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10776">IZ10776</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/28836">28836</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/491073/100/0/threaded">20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.appsecinc.com/resources/alerts/db2/2008-03.shtml">http://www.appsecinc.com/resources/alerts/db2/2008-03.shtml</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/3840">3840</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/41960">ibm-db2-nnstat-file-overwrite(41960)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs201', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs201"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                    <li class="vs201">...</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp1">cpe:/a:ibm:db2:8.0:fp1</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp10">cpe:/a:ibm:db2:8.0:fp10</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp11">cpe:/a:ibm:db2:8.0:fp11</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp12">cpe:/a:ibm:db2:8.0:fp12</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp13">cpe:/a:ibm:db2:8.0:fp13</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp14">cpe:/a:ibm:db2:8.0:fp14</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp15">cpe:/a:ibm:db2:8.0:fp15</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp2">cpe:/a:ibm:db2:8.0:fp2</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp3">cpe:/a:ibm:db2:8.0:fp3</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp4">cpe:/a:ibm:db2:8.0:fp4</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp5">cpe:/a:ibm:db2:8.0:fp5</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6">cpe:/a:ibm:db2:8.0:fp6</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6a">cpe:/a:ibm:db2:8.0:fp6a</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6b">cpe:/a:ibm:db2:8.0:fp6b</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp6c">cpe:/a:ibm:db2:8.0:fp6c</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7">cpe:/a:ibm:db2:8.0:fp7</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7a">cpe:/a:ibm:db2:8.0:fp7a</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp7b">cpe:/a:ibm:db2:8.0:fp7b</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8">cpe:/a:ibm:db2:8.0:fp8</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp8a">cpe:/a:ibm:db2:8.0:fp8a</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9">cpe:/a:ibm:db2:8.0:fp9</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afp9a">cpe:/a:ibm:db2:8.0:fp9a</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3A%3Afp3">cpe:/a:ibm:db2:9.1::fp3</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs201 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0699">CVE-2008-0699</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2008-0699')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
                            </p>
                            <p>Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972">IZ06972</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973">IZ06973</a></li>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917">IZ10917</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/491075/100/0/threaded">20080418 Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT">ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml">http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0401">ADV-2008-0401</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs202', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs202"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                    <li class="vs202">...</li>
                                                                    <li class="vs202 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.2_fixpack15">cpe:/a:ibm:db2:8.2_fixpack15</a>  and all previous versions</li>
                                                                    <li class="vs202 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp4">cpe:/a:ibm:db2:9.1:fp4</a>  and all previous versions</li>
                                                                    <li class="vs202 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.5">cpe:/a:ibm:db2:9.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5652">CVE-2007-5652</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2007-5652')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
                                                                    <ul>
                                                                            <li>AIXAPAR - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg1LI72519">LI72519</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26450">26450</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?rs=71&amp;uid=swg21283031">http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg21255607">http://www-1.ibm.com/support/docview.wss?uid=swg21255607</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3538">ADV-2007-3538</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3867">ADV-2007-3867</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs203', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs203"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                    <li class="vs203">...</li>
                                                                    <li class="vs203 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp1">cpe:/a:ibm:db2:9.1:fp1</a>  and all previous versions</li>
                                                                    <li class="vs203 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2">cpe:/a:ibm:db2:9.1:fp2</a>  and all previous versions</li>
                                                                    <li class="vs203 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp2a">cpe:/a:ibm:db2:9.1:fp2a</a>  and all previous versions</li>
                                                                    <li class="vs203 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3">cpe:/a:ibm:db2:9.1:fp3</a>  and all previous versions</li>
                                                                    <li class="vs203 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.1%3Afp3a">cpe:/a:ibm:db2:9.1:fp3a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5090">CVE-2007-5090</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2007-5090')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/25810">25810</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-1.ibm.com/support/docview.wss?uid=swg21268116">http://www-1.ibm.com/support/docview.wss?uid=swg21268116</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018735">1018735</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3264">ADV-2007-3264</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/36771">clearquest-unspecified-data-manipulation(36771)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs204', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs204"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                    <li class="vs204">...</li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2">cpe:/a:ibm:db2</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A5.00">cpe:/a:ibm:rational_clearquest:5.00</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A5.20">cpe:/a:ibm:rational_clearquest:5.20</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.00">cpe:/a:ibm:rational_clearquest:6.00</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.12">cpe:/a:ibm:rational_clearquest:6.12</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.13">cpe:/a:ibm:rational_clearquest:6.13</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.14">cpe:/a:ibm:rational_clearquest:6.14</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.15">cpe:/a:ibm:rational_clearquest:6.15</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A6.16">cpe:/a:ibm:rational_clearquest:6.16</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A7.0">cpe:/a:ibm:rational_clearquest:7.0</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A7.0.0.1">cpe:/a:ibm:rational_clearquest:7.0.0.1</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Arational_clearquest%3A7.0.1">cpe:/a:ibm:rational_clearquest:7.0.1</a> </li>
                                                                    <li class="vs204 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amicrosoft%3Asql_server">cpe:/a:microsoft:sql_server</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3676">CVE-2007-3676</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2007-3676')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698.
                                                                    <ul>
                                                                            <li>IDEFENSE - <a target="_blank" href="http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654">20080207 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1019318">1019318</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs205', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs205"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.0%3Afix_pack3a">cpe:/a:ibm:db2:9.0:fix_pack3a</a>  and all previous versions</li>
                                    <li class="vs205">...</li>
                                                                    <li class="vs205 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A8.0%3Afix_pack15">cpe:/a:ibm:db2:8.0:fix_pack15</a>  and all previous versions</li>
                                                                    <li class="vs205 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.0%3Afix_pack3a">cpe:/a:ibm:db2:9.0:fix_pack3a</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2582">CVE-2007-2582</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.db2.luw-1.0.2.v201107221502.jar', '3e9920ed389a8eba9ba8ce46d0c0e8ac6da5b41d', 'cve', 'CVE-2007-2582')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a &quot;MemTree overflow.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/23890">23890</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26010">26010</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/482024/100/0/threaded">20071010 ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.zerodayinitiative.com/advisories/ZDI-07-056.html">http://www.zerodayinitiative.com/advisories/ZDI-07-056.html</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018029">1018029</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018801">1018801</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1707">ADV-2007-1707</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34184">db2-db2jdbc-bo(34184)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs206"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aibm%3Adb2%3A9.0">cpe:/a:ibm:db2:9.0</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l319_1587982c1ed42ca42e1fe02f1a3baf1faa4bcbb2"></a>org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.ibm.informix.dbdefinition\1.0.4.v201107221502\1587982c1ed42ca42e1fe02f1a3baf1faa4bcbb2\org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar<br/>
                            <b>MD5:</b>&nbsp;bd94b57db3ac938c9a517371dd9e8923<br/>
                            <b>SHA1:</b>&nbsp;1587982c1ed42ca42e1fe02f1a3baf1faa4bcbb2
                                                                                </p>
                                                <h4 id="header694" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content694" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.ibm.informix.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.4.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.4.v20110722</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.ibm.informix.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.4.v201107221502</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.ibm.informix.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.informix.dbdefinition_1.0.4.v201107221502.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.4.v201107221502</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header695" class="subsectionheader white">Identifiers</h4>
                                                <div id="content695" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:ibm:informix:1.0.4.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar', '1587982c1ed42ca42e1fe02f1a3baf1faa4bcbb2', 'cpe', 'cpe:/a:ibm:informix:1.0.4.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.informix.dbdefinition/1.0.4.v201107221502/org.eclipse.datatools.enablement.ibm.informix.dbdefinition-1.0.4.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.informix.dbdefinition:1.0.4.v201107221502</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l320_8c1d7354580604905a00c7d9acce3fbc5696b537"></a>org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.ibm.informix\1.0.1.v201107221502\8c1d7354580604905a00c7d9acce3fbc5696b537\org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar<br/>
                            <b>MD5:</b>&nbsp;9ffbdc7f0a83fbbb1d64cb3b9578e3fa<br/>
                            <b>SHA1:</b>&nbsp;8c1d7354580604905a00c7d9acce3fbc5696b537
                                                                                </p>
                                                <h4 id="header696" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content696" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.ibm.informix</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ibm</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.ibm.informix;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1.v201107221502</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.datatools.connectivity;bundle-version=&quot;[1.0.1,2.0.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[1.0.0,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.ibm.informix</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.ibm.informix_1.0.1.v201107221502.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1.v201107221502</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header697" class="subsectionheader white">Identifiers</h4>
                                                <div id="content697" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:ibm:informix:1.0.1.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar', '8c1d7354580604905a00c7d9acce3fbc5696b537', 'cpe', 'cpe:/a:ibm:informix:1.0.1.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.ibm.informix/1.0.1.v201107221502/org.eclipse.datatools.enablement.ibm.informix-1.0.1.v201107221502.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.ibm.informix:1.0.1.v201107221502</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l321_d18a0cca80deb6331f1caffea5abc8fa34e2060e"></a>org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition\1.0.1.v201201240505\d18a0cca80deb6331f1caffea5abc8fa34e2060e\org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar<br/>
                            <b>MD5:</b>&nbsp;4b552c372d4c69ed407bdc1bf5abbc9a<br/>
                            <b>SHA1:</b>&nbsp;d18a0cca80deb6331f1caffea5abc8fa34e2060e
                                                                                </p>
                                                <h4 id="header698" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content698" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1.v201201240505</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1.v20120124</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.1.v201201240505</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.msft.sqlserver.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition_1.0.1.v201201240505.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1.v201201240505</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header699" class="subsectionheader white">Identifiers</h4>
                                                <div id="content699" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.1.v20120124
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar', 'd18a0cca80deb6331f1caffea5abc8fa34e2060e', 'cpe', 'cpe:/a:eclipse:birt:1.0.1.v20120124')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition/1.0.1.v201201240505/org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition:1.0.1.v201201240505</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header700" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content700" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.msft.sqlserver.dbdefinition-1.0.1.v201201240505.jar', 'd18a0cca80deb6331f1caffea5abc8fa34e2060e', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs207"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l322_bff9658c0858cea81b373f1488274a1d9d200cc6"></a>org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.msft.sqlserver\1.0.2.v201212120617\bff9658c0858cea81b373f1488274a1d9d200cc6\org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar<br/>
                            <b>MD5:</b>&nbsp;17b87437049e6d36e46af23c8e4faac8<br/>
                            <b>SHA1:</b>&nbsp;bff9658c0858cea81b373f1488274a1d9d200cc6
                                                                                </p>
                                                <h4 id="header701" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content701" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.msft.sqlserver</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2.v201212120617</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2.v20121212</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>msft</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.msft.sqlserver;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.2.v201212120617</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[1.0.0,2.0.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[1.0.1,2.0.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[1.0.1,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.msft.sqlserver</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.msft.sqlserver_1.0.2.v201212120617.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2.v201212120617</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header702" class="subsectionheader white">Identifiers</h4>
                                                <div id="content702" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.2.v20121212
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar', 'bff9658c0858cea81b373f1488274a1d9d200cc6', 'cpe', 'cpe:/a:eclipse:birt:1.0.2.v20121212')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.msft.sqlserver/1.0.2.v201212120617/org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.msft.sqlserver:1.0.2.v201212120617</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header703" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content703" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.msft.sqlserver-1.0.2.v201212120617.jar', 'bff9658c0858cea81b373f1488274a1d9d200cc6', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs208"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l323_7b1abc387591d4a9427bb13344243a220a5d751b"></a>org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.mysql.dbdefinition\1.0.4.v201109022331\7b1abc387591d4a9427bb13344243a220a5d751b\org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar<br/>
                            <b>MD5:</b>&nbsp;dfa223ea33f41fe22cf29c3e57248628<br/>
                            <b>SHA1:</b>&nbsp;7b1abc387591d4a9427bb13344243a220a5d751b
                                                                                </p>
                                                <h4 id="header704" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content704" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.mysql.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.4.v201109022331</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.4.v20110902</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.mysql.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.4.v201109022331</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.mysql.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.mysql.dbdefinition_1.0.4.v201109022331.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.4.v201109022331</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header705" class="subsectionheader white">Identifiers</h4>
                                                <div id="content705" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:dbd-mysql_project:dbd-mysql:1.0.4.v20110902
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cpe', 'cpe:/a:dbd-mysql_project:dbd-mysql:1.0.4.v20110902')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Amysql%3Amysql" target="_blank">cpe:/a:mysql:mysql:1.0.4.v20110902</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cpe', 'cpe:/a:mysql:mysql:1.0.4.v20110902')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.mysql.dbdefinition/1.0.4.v201109022331/org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.mysql.dbdefinition:1.0.4.v201109022331</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header706" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content706" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2575">CVE-2015-2575</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2015-2575')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
                            </p>
                            <p>Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/74075">74075</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html">http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3621">DSA-3621</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032121">1032121</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html">SUSE-SU-2015:0946</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html">openSUSE-SU-2015:0967</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs209"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9906">CVE-2014-9906</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2014-9906')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-416 Use After Free
                            </p>
                            <p>Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/92149">92149</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://cpansearch.perl.org/src/CAPTTOFU/DBD-mysql-4.029/ChangeLog">http://cpansearch.perl.org/src/CAPTTOFU/DBD-mysql-4.029/ChangeLog</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc">https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://rt.cpan.org/Public/Bug/Display.html?id=97625">https://rt.cpan.org/Public/Bug/Display.html?id=97625</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3635">DSA-3635</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2016/07/27/5">[oss-security] 20160727 CVE Request: DBD-mysql: use-after-free in mysql_dr_error</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2016/07/27/6">[oss-security] 20160727 Re: CVE Request: DBD-mysql: use-after-free in mysql_dr_error</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs210"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Adbd-mysql_project%3Adbd-mysql%3A4.028">cpe:/a:dbd-mysql_project:dbd-mysql:4.028</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0001">CVE-2014-0001</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2014-0001')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65298">65298</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64">http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1054592">https://bugzilla.redhat.com/show_bug.cgi?id=1054592</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://mariadb.com/kb/en/mariadb-5535-changelog/">https://mariadb.com/kb/en/mariadb-5535-changelog/</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201409-04.xml">GLSA-201409-04</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2014:029">MDVSA-2014:029</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0164.html">RHSA-2014:0164</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0173.html">RHSA-2014:0173</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0186.html">RHSA-2014:0186</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0189.html">RHSA-2014:0189</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs211', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs211"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs211">...</li>
                                                                    <li class="vs211 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.34">cpe:/a:mariadb:mariadb:5.5.34</a>  and all previous versions</li>
                                                                    <li class="vs211 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0375">CVE-2013-0375</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2013-0375')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
                            </p>
                            <p>Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html">http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201308-06.xml">GLSA-201308-06</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2013:150">MDVSA-2013:150</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0219.html">RHSA-2013:0219</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1703-1">USN-1703-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs212', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs212"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a>  and all previous versions</li>
                                    <li class="vs212">...</li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a>  and all previous versions</li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.48">cpe:/a:mysql:mysql:5.1.48</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.49">cpe:/a:mysql:mysql:5.1.49</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.49%3Asp1">cpe:/a:mysql:mysql:5.1.49:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.50">cpe:/a:mysql:mysql:5.1.50</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.51">cpe:/a:oracle:mysql:5.1.51</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.52">cpe:/a:oracle:mysql:5.1.52</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.52%3Asp1">cpe:/a:oracle:mysql:5.1.52:sp1</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.53">cpe:/a:oracle:mysql:5.1.53</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.54">cpe:/a:oracle:mysql:5.1.54</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.55">cpe:/a:oracle:mysql:5.1.55</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.56">cpe:/a:oracle:mysql:5.1.56</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.57">cpe:/a:oracle:mysql:5.1.57</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.58">cpe:/a:oracle:mysql:5.1.58</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.59">cpe:/a:oracle:mysql:5.1.59</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.60">cpe:/a:oracle:mysql:5.1.60</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.61">cpe:/a:oracle:mysql:5.1.61</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.62">cpe:/a:oracle:mysql:5.1.62</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.63">cpe:/a:oracle:mysql:5.1.63</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.64">cpe:/a:oracle:mysql:5.1.64</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.65">cpe:/a:oracle:mysql:5.1.65</a> </li>
                                                                    <li class="vs212 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.66">cpe:/a:oracle:mysql:5.1.66</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5627">CVE-2012-5627</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2012-5627')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://mariadb.atlassian.net/browse/MDEV-3915">https://mariadb.atlassian.net/browse/MDEV-3915</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2012/Dec/58">20121203 MySQL Local/Remote FAST Account Password Cracking</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2012/Dec/83">20121205 Re: MySQL Local/Remote FAST Account Password	Cracking</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201308-06.xml">GLSA-201308-06</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2013:102">MDVSA-2013:102</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=883719">https://bugzilla.redhat.com/show_bug.cgi?id=883719</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://seclists.org/oss-sec/2012/q4/424">[oss-security] 20121206 Re: CVE request: Mysql/Mariadb insecure salt-usage</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs213', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs213"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs213">...</li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.0">cpe:/a:mariadb:mariadb:5.2.0</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.1">cpe:/a:mariadb:mariadb:5.2.1</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.2">cpe:/a:mariadb:mariadb:5.2.2</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.3">cpe:/a:mariadb:mariadb:5.2.3</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.4">cpe:/a:mariadb:mariadb:5.2.4</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.5">cpe:/a:mariadb:mariadb:5.2.5</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.6">cpe:/a:mariadb:mariadb:5.2.6</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.7">cpe:/a:mariadb:mariadb:5.2.7</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.8">cpe:/a:mariadb:mariadb:5.2.8</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.9">cpe:/a:mariadb:mariadb:5.2.9</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.10">cpe:/a:mariadb:mariadb:5.2.10</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.11">cpe:/a:mariadb:mariadb:5.2.11</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.12">cpe:/a:mariadb:mariadb:5.2.12</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.13">cpe:/a:mariadb:mariadb:5.2.13</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.0">cpe:/a:mariadb:mariadb:5.3.0</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.1">cpe:/a:mariadb:mariadb:5.3.1</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.2">cpe:/a:mariadb:mariadb:5.3.2</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.3">cpe:/a:mariadb:mariadb:5.3.3</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.4">cpe:/a:mariadb:mariadb:5.3.4</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.5">cpe:/a:mariadb:mariadb:5.3.5</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.6">cpe:/a:mariadb:mariadb:5.3.6</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.7">cpe:/a:mariadb:mariadb:5.3.7</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.8">cpe:/a:mariadb:mariadb:5.3.8</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.9">cpe:/a:mariadb:mariadb:5.3.9</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.10">cpe:/a:mariadb:mariadb:5.3.10</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.11">cpe:/a:mariadb:mariadb:5.3.11</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.20">cpe:/a:mariadb:mariadb:5.5.20</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.21">cpe:/a:mariadb:mariadb:5.5.21</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.22">cpe:/a:mariadb:mariadb:5.5.22</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.23">cpe:/a:mariadb:mariadb:5.5.23</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.24">cpe:/a:mariadb:mariadb:5.5.24</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.25">cpe:/a:mariadb:mariadb:5.5.25</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.27">cpe:/a:mariadb:mariadb:5.5.27</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.28">cpe:/a:mariadb:mariadb:5.5.28</a> </li>
                                                                    <li class="vs213 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3682">CVE-2010-3682</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2010-3682')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                            </p>
                            <p>Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted &quot;SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)&quot; statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html">APPLE-SA-2011-06-23-1</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/42599">42599</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=52711">http://bugs.mysql.com/bug.php?id=52711</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html">http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT4723">http://support.apple.com/kb/HT4723</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=628328">https://bugzilla.redhat.com/show_bug.cgi?id=628328</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2011/dsa-2143">DSA-2143</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:155">MDVSA-2010:155</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:222">MDVSA-2010:222</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2011:012">MDVSA-2011:012</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/09/28/10">[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0825.html">RHSA-2010:0825</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2011-0164.html">RHSA-2011:0164</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html">SUSE-SR:2010:019</a></li>
                                                                            <li>TURBO - <a target="_blank" href="http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt">TLSA-2011-3</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1017-1">USN-1017-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0105">ADV-2011-0105</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0133">ADV-2011-0133</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0170">ADV-2011-0170</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0345">ADV-2011-0345</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/64684">mysql-itemsinglerowsubselect-dos(64684)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs214', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs214"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                    <li class="vs214">...</li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.28">cpe:/a:mysql:mysql:5.0.28</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.34">cpe:/a:mysql:mysql:5.0.34</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36%3Asp1">cpe:/a:mysql:mysql:5.0.36:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.40">cpe:/a:mysql:mysql:5.0.40</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44%3Asp1">cpe:/a:mysql:mysql:5.0.44:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.46">cpe:/a:mysql:mysql:5.0.46</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.48">cpe:/a:mysql:mysql:5.0.48</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Aa">cpe:/a:mysql:mysql:5.0.51:a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Ab">cpe:/a:mysql:mysql:5.0.51:b</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56%3Asp1">cpe:/a:mysql:mysql:5.0.56:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.58">cpe:/a:mysql:mysql:5.0.58</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.60">cpe:/a:mysql:mysql:5.0.60</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.62">cpe:/a:mysql:mysql:5.0.62</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.64">cpe:/a:mysql:mysql:5.0.64</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66">cpe:/a:mysql:mysql:5.0.66</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Aa">cpe:/a:mysql:mysql:5.0.66:a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Asp1">cpe:/a:mysql:mysql:5.0.66:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.67">cpe:/a:mysql:mysql:5.0.67</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.68">cpe:/a:mysql:mysql:5.0.68</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.70">cpe:/a:mysql:mysql:5.0.70</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72">cpe:/a:mysql:mysql:5.0.72</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72%3Asp1">cpe:/a:mysql:mysql:5.0.72:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74">cpe:/a:mysql:mysql:5.0.74</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74%3Asp1">cpe:/a:mysql:mysql:5.0.74:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.76">cpe:/a:mysql:mysql:5.0.76</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.78">cpe:/a:mysql:mysql:5.0.78</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.79">cpe:/a:mysql:mysql:5.0.79</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.80">cpe:/a:mysql:mysql:5.0.80</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82%3Asp1">cpe:/a:mysql:mysql:5.0.82:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84%3Asp1">cpe:/a:mysql:mysql:5.0.84:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87%3Asp1">cpe:/a:mysql:mysql:5.0.87:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.88">cpe:/a:mysql:mysql:5.0.88</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.89">cpe:/a:mysql:mysql:5.0.89</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.90">cpe:/a:mysql:mysql:5.0.90</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a> </li>
                                                                    <li class="vs214 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.48">cpe:/a:mysql:mysql:5.1.48</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3677">CVE-2010-3677</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2010-3677')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html">APPLE-SA-2011-06-23-1</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/42646">42646</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html">http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT4723">http://support.apple.com/kb/HT4723</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=628040">https://bugzilla.redhat.com/show_bug.cgi?id=628040</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2011/dsa-2143">DSA-2143</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:155">MDVSA-2010:155</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:222">MDVSA-2010:222</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2011:012">MDVSA-2011:012</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=54575">http://bugs.mysql.com/bug.php?id=54575</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/09/28/10">[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0825.html">RHSA-2010:0825</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2011-0164.html">RHSA-2011:0164</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html">SUSE-SR:2010:019</a></li>
                                                                            <li>TURBO - <a target="_blank" href="http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt">TLSA-2011-3</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1017-1">USN-1017-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0105">ADV-2011-0105</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0133">ADV-2011-0133</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0170">ADV-2011-0170</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0345">ADV-2011-0345</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/64688">mysql-setcolumn-dos(64688)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs215', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs215"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                    <li class="vs215">...</li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.28">cpe:/a:mysql:mysql:5.0.28</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.34">cpe:/a:mysql:mysql:5.0.34</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36%3Asp1">cpe:/a:mysql:mysql:5.0.36:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.40">cpe:/a:mysql:mysql:5.0.40</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44%3Asp1">cpe:/a:mysql:mysql:5.0.44:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.46">cpe:/a:mysql:mysql:5.0.46</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.48">cpe:/a:mysql:mysql:5.0.48</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Aa">cpe:/a:mysql:mysql:5.0.51:a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Ab">cpe:/a:mysql:mysql:5.0.51:b</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56%3Asp1">cpe:/a:mysql:mysql:5.0.56:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.58">cpe:/a:mysql:mysql:5.0.58</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.60">cpe:/a:mysql:mysql:5.0.60</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.62">cpe:/a:mysql:mysql:5.0.62</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.64">cpe:/a:mysql:mysql:5.0.64</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66">cpe:/a:mysql:mysql:5.0.66</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Aa">cpe:/a:mysql:mysql:5.0.66:a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Asp1">cpe:/a:mysql:mysql:5.0.66:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.67">cpe:/a:mysql:mysql:5.0.67</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.68">cpe:/a:mysql:mysql:5.0.68</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.70">cpe:/a:mysql:mysql:5.0.70</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72">cpe:/a:mysql:mysql:5.0.72</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72%3Asp1">cpe:/a:mysql:mysql:5.0.72:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74">cpe:/a:mysql:mysql:5.0.74</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74%3Asp1">cpe:/a:mysql:mysql:5.0.74:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.76">cpe:/a:mysql:mysql:5.0.76</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.78">cpe:/a:mysql:mysql:5.0.78</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.79">cpe:/a:mysql:mysql:5.0.79</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.80">cpe:/a:mysql:mysql:5.0.80</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82%3Asp1">cpe:/a:mysql:mysql:5.0.82:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84%3Asp1">cpe:/a:mysql:mysql:5.0.84:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87%3Asp1">cpe:/a:mysql:mysql:5.0.87:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.88">cpe:/a:mysql:mysql:5.0.88</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.89">cpe:/a:mysql:mysql:5.0.89</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.90">cpe:/a:mysql:mysql:5.0.90</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a> </li>
                                                                    <li class="vs215 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.48">cpe:/a:mysql:mysql:5.1.48</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2008">CVE-2010-2008</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2010-2008')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/41198">41198</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=53804">http://bugs.mysql.com/bug.php?id=53804</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html">FEDORA-2010-11135</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:155">MDVSA-2010:155</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1024160">1024160</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1017-1">USN-1017-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1918">ADV-2010-1918</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs216', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs216"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a>  and all previous versions</li>
                                    <li class="vs216">...</li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.8">cpe:/a:mysql:mysql:5.1.8</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a>  and all previous versions</li>
                                                                    <li class="vs216 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1626">CVE-2010-1626</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2010-1626')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)
                                                            <br/>CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
                            </p>
                            <p>MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/40257">40257</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=40980">http://bugs.mysql.com/bug.php?id=40980</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:101">MDVSA-2010:101</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/05/10/2">[oss-security] 20100510 Re: A mysql flaw.</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/05/18/4">[oss-security] 20100518 Re: A mysql flaw.</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0442.html">RHSA-2010:0442</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1024004">1024004</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html">SUSE-SR:2010:019</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html">SUSE-SR:2010:021</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1194">ADV-2010-1194</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs217', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs217"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a>  and all previous versions</li>
                                    <li class="vs217">...</li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45b">cpe:/a:mysql:mysql:5.0.45b</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51a">cpe:/a:mysql:mysql:5.0.51a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51b">cpe:/a:mysql:mysql:5.0.51b</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.67">cpe:/a:mysql:mysql:5.0.67</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.88">cpe:/a:mysql:mysql:5.0.88</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.89">cpe:/a:mysql:mysql:5.0.89</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.90">cpe:/a:mysql:mysql:5.0.90</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a>  and all previous versions</li>
                                                                    <li class="vs217 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1621">CVE-2010-1621</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2010-1621')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/39543">39543</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=51770">http://bugs.mysql.com/bug.php?id=51770</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:093">MDVSA-2010:093</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs218"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4028">CVE-2009-4028</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2009-4028')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/47320">http://bugs.mysql.com/47320</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html">http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.mysql.com/commits/87446">[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2009/11/19/3">[oss-security] 20091119 mysql-5.1.41</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=oss-security&amp;m=125881733826437&amp;w=2">[oss-security] 20091121 CVE Request - MySQL - 5.0.88</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2009/11/23/16">[oss-security] 20091123 Re: mysql-5.1.41</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0109.html">RHSA-2010:0109</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html">SUSE-SR:2010:011</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1107">ADV-2010-1107</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs219', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs219"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a>  and all previous versions</li>
                                    <li class="vs219">...</li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51a">cpe:/a:mysql:mysql:5.0.51a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51b">cpe:/a:mysql:mysql:5.0.51b</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.25">cpe:/a:mysql:mysql:5.0.25</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.26">cpe:/a:mysql:mysql:5.0.26</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51">cpe:/a:mysql:mysql:5.0.51</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.60">cpe:/a:mysql:mysql:5.0.60</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66">cpe:/a:mysql:mysql:5.0.66</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a>  and all previous versions</li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.8">cpe:/a:mysql:mysql:5.1.8</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs219 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0819">CVE-2009-0819</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2009-0819')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                            </p>
                            <p>sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via &quot;an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML(),&quot; which triggers an assertion failure.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/33972">33972</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=42495">http://bugs.mysql.com/bug.php?id=42495</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/6.0/en/news-6-0-10.html">http://dev.mysql.com/doc/refman/6.0/en/news-6-0-10.html</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1021786">1021786</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0594">ADV-2009-0594</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/49050">mysql-xpath-dos(49050)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs220', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs220"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a>  and all previous versions</li>
                                    <li class="vs220">...</li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a>  and all previous versions</li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.0">cpe:/a:mysql:mysql:6.0.0</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.1">cpe:/a:mysql:mysql:6.0.1</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.2">cpe:/a:mysql:mysql:6.0.2</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.3">cpe:/a:mysql:mysql:6.0.3</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.4">cpe:/a:mysql:mysql:6.0.4</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.9">cpe:/a:mysql:mysql:6.0.9</a> </li>
                                                                    <li class="vs220 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.10-bzr">cpe:/a:mysql:mysql:6.0.10-bzr</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4098">CVE-2008-4098</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2008-4098')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
                            </p>
                            <p>MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=32167">http://bugs.mysql.com/bug.php?id=32167</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1662">DSA-1662</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:094">MDVSA-2009:094</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2008/09/09/20">[oss-security] 20080909 Re: CVE request: MySQL incomplete fix for CVE-2008-2079</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2008/09/16/3">[oss-security] 20080916 Re: CVE request: MySQL incomplete fix for CVE-2008-2079</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2009-1067.html">RHSA-2009:1067</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0110.html">RHSA-2010:0110</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html">SUSE-SR:2008:025</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-671-1">USN-671-1</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://ubuntu.com/usn/usn-897-1">USN-897-1</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/45649">mysql-myisam-symlink-security-bypass(45649)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs221', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs221"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs221">...</li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.20">cpe:/a:mysql:mysql:3.20</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.20.32a">cpe:/a:mysql:mysql:3.20.32a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.21">cpe:/a:mysql:mysql:3.21</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22">cpe:/a:mysql:mysql:3.22</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.26">cpe:/a:mysql:mysql:3.22.26</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.27">cpe:/a:mysql:mysql:3.22.27</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.28">cpe:/a:mysql:mysql:3.22.28</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.29">cpe:/a:mysql:mysql:3.22.29</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.30">cpe:/a:mysql:mysql:3.22.30</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.32">cpe:/a:mysql:mysql:3.22.32</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23">cpe:/a:mysql:mysql:3.23</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.0%3Aalpha">cpe:/a:mysql:mysql:3.23.0:alpha</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.1">cpe:/a:mysql:mysql:3.23.1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.2">cpe:/a:mysql:mysql:3.23.2</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.3">cpe:/a:mysql:mysql:3.23.3</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.4">cpe:/a:mysql:mysql:3.23.4</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.5">cpe:/a:mysql:mysql:3.23.5</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.6">cpe:/a:mysql:mysql:3.23.6</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.7">cpe:/a:mysql:mysql:3.23.7</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.8">cpe:/a:mysql:mysql:3.23.8</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.9">cpe:/a:mysql:mysql:3.23.9</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.10">cpe:/a:mysql:mysql:3.23.10</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.11">cpe:/a:mysql:mysql:3.23.11</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.12">cpe:/a:mysql:mysql:3.23.12</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.13">cpe:/a:mysql:mysql:3.23.13</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.14">cpe:/a:mysql:mysql:3.23.14</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.15">cpe:/a:mysql:mysql:3.23.15</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.16">cpe:/a:mysql:mysql:3.23.16</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.17">cpe:/a:mysql:mysql:3.23.17</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.18">cpe:/a:mysql:mysql:3.23.18</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.19">cpe:/a:mysql:mysql:3.23.19</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.20%3Abeta">cpe:/a:mysql:mysql:3.23.20:beta</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.21">cpe:/a:mysql:mysql:3.23.21</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.22">cpe:/a:mysql:mysql:3.23.22</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.23">cpe:/a:mysql:mysql:3.23.23</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.24">cpe:/a:mysql:mysql:3.23.24</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.25">cpe:/a:mysql:mysql:3.23.25</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.26">cpe:/a:mysql:mysql:3.23.26</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.27">cpe:/a:mysql:mysql:3.23.27</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.28">cpe:/a:mysql:mysql:3.23.28</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.28%3Agamma">cpe:/a:mysql:mysql:3.23.28:gamma</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.29">cpe:/a:mysql:mysql:3.23.29</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.30">cpe:/a:mysql:mysql:3.23.30</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.31">cpe:/a:mysql:mysql:3.23.31</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.32">cpe:/a:mysql:mysql:3.23.32</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.33">cpe:/a:mysql:mysql:3.23.33</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.34">cpe:/a:mysql:mysql:3.23.34</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.35">cpe:/a:mysql:mysql:3.23.35</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.36">cpe:/a:mysql:mysql:3.23.36</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.37">cpe:/a:mysql:mysql:3.23.37</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.38">cpe:/a:mysql:mysql:3.23.38</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.39">cpe:/a:mysql:mysql:3.23.39</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.40">cpe:/a:mysql:mysql:3.23.40</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.41">cpe:/a:mysql:mysql:3.23.41</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.42">cpe:/a:mysql:mysql:3.23.42</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.43">cpe:/a:mysql:mysql:3.23.43</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.44">cpe:/a:mysql:mysql:3.23.44</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.45">cpe:/a:mysql:mysql:3.23.45</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.46">cpe:/a:mysql:mysql:3.23.46</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.47">cpe:/a:mysql:mysql:3.23.47</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.48">cpe:/a:mysql:mysql:3.23.48</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.50">cpe:/a:mysql:mysql:3.23.50</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.51">cpe:/a:mysql:mysql:3.23.51</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.52">cpe:/a:mysql:mysql:3.23.52</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.53">cpe:/a:mysql:mysql:3.23.53</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.53a">cpe:/a:mysql:mysql:3.23.53a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.54">cpe:/a:mysql:mysql:3.23.54</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.54a">cpe:/a:mysql:mysql:3.23.54a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.55">cpe:/a:mysql:mysql:3.23.55</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.56">cpe:/a:mysql:mysql:3.23.56</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.57">cpe:/a:mysql:mysql:3.23.57</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.58">cpe:/a:mysql:mysql:3.23.58</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.59">cpe:/a:mysql:mysql:3.23.59</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.0">cpe:/a:mysql:mysql:4.0.0</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.1">cpe:/a:mysql:mysql:4.0.1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.2">cpe:/a:mysql:mysql:4.0.2</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.3">cpe:/a:mysql:mysql:4.0.3</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.4">cpe:/a:mysql:mysql:4.0.4</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.5">cpe:/a:mysql:mysql:4.0.5</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.5a">cpe:/a:mysql:mysql:4.0.5a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.6">cpe:/a:mysql:mysql:4.0.6</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.7">cpe:/a:mysql:mysql:4.0.7</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.7%3Agamma">cpe:/a:mysql:mysql:4.0.7:gamma</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.8">cpe:/a:mysql:mysql:4.0.8</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.8%3Agamma">cpe:/a:mysql:mysql:4.0.8:gamma</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.9">cpe:/a:mysql:mysql:4.0.9</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.9%3Agamma">cpe:/a:mysql:mysql:4.0.9:gamma</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.10">cpe:/a:mysql:mysql:4.0.10</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.11">cpe:/a:mysql:mysql:4.0.11</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.11%3Agamma">cpe:/a:mysql:mysql:4.0.11:gamma</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.12">cpe:/a:mysql:mysql:4.0.12</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.13">cpe:/a:mysql:mysql:4.0.13</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.14">cpe:/a:mysql:mysql:4.0.14</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.15">cpe:/a:mysql:mysql:4.0.15</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.16">cpe:/a:mysql:mysql:4.0.16</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.17">cpe:/a:mysql:mysql:4.0.17</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.18">cpe:/a:mysql:mysql:4.0.18</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.19">cpe:/a:mysql:mysql:4.0.19</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.20">cpe:/a:mysql:mysql:4.0.20</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.23">cpe:/a:mysql:mysql:4.0.23</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.24">cpe:/a:mysql:mysql:4.0.24</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.25">cpe:/a:mysql:mysql:4.0.25</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.26">cpe:/a:mysql:mysql:4.0.26</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.27">cpe:/a:mysql:mysql:4.0.27</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1">cpe:/a:mysql:mysql:4.1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0">cpe:/a:mysql:mysql:4.1.0</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0%3Aalpha">cpe:/a:mysql:mysql:4.1.0:alpha</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0.0">cpe:/a:mysql:mysql:4.1.0.0</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.1">cpe:/a:mysql:mysql:4.1.1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10a">cpe:/a:mysql:mysql:4.1.10a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12a">cpe:/a:mysql:mysql:4.1.12a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13a">cpe:/a:mysql:mysql:4.1.13a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14a">cpe:/a:mysql:mysql:4.1.14a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15a">cpe:/a:mysql:mysql:4.1.15a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2">cpe:/a:mysql:mysql:4.1.2</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2%3Aalpha">cpe:/a:mysql:mysql:4.1.2:alpha</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.3">cpe:/a:mysql:mysql:4.1.3</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.3%3Abeta">cpe:/a:mysql:mysql:4.1.3:beta</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.4">cpe:/a:mysql:mysql:4.1.4</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.5">cpe:/a:mysql:mysql:4.1.5</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.6">cpe:/a:mysql:mysql:4.1.6</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.7">cpe:/a:mysql:mysql:4.1.7</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.8">cpe:/a:mysql:mysql:4.1.8</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.9">cpe:/a:mysql:mysql:4.1.9</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10">cpe:/a:mysql:mysql:4.1.10</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.11">cpe:/a:mysql:mysql:4.1.11</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12">cpe:/a:mysql:mysql:4.1.12</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13">cpe:/a:mysql:mysql:4.1.13</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14">cpe:/a:mysql:mysql:4.1.14</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15">cpe:/a:mysql:mysql:4.1.15</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.16">cpe:/a:mysql:mysql:4.1.16</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.17">cpe:/a:mysql:mysql:4.1.17</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.18">cpe:/a:mysql:mysql:4.1.18</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.19">cpe:/a:mysql:mysql:4.1.19</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.20">cpe:/a:mysql:mysql:4.1.20</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.21">cpe:/a:mysql:mysql:4.1.21</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.22">cpe:/a:mysql:mysql:4.1.22</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.23">cpe:/a:mysql:mysql:4.1.23</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.8a">cpe:/a:mysql:mysql:4.1.8a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.25">cpe:/a:mysql:mysql:5.0.25</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51a">cpe:/a:mysql:mysql:5.0.51a</a> </li>
                                                                    <li class="vs221 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51b">cpe:/a:mysql:mysql:5.0.51b</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2079">CVE-2008-2079</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2008-2079')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html">APPLE-SA-2008-10-09</a></li>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html">APPLE-SA-2009-09-10-2</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/29106">29106</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31681">31681</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=32167">http://bugs.mysql.com/bug.php?id=32167</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html">http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html">http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html">http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3216">http://support.apple.com/kb/HT3216</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3865">http://support.apple.com/kb/HT3865</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1608">DSA-1608</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:149">MDVSA-2008:149</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:150">MDVSA-2008:150</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0505.html">RHSA-2008:0505</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0510.html">RHSA-2008:0510</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0768.html">RHSA-2008:0768</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2009-1289.html">RHSA-2009:1289</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1019995">1019995</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html">SUSE-SR:2008:017</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-671-1">USN-671-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1472/references">ADV-2008-1472</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2780">ADV-2008-2780</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/42267">mysql-myisam-security-bypass(42267)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs222', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs222"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.4">cpe:/a:mysql:mysql:6.0.4</a>  and all previous versions</li>
                                    <li class="vs222">...</li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0">cpe:/a:mysql:mysql:4.1.0</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.1">cpe:/a:mysql:mysql:4.1.1</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2">cpe:/a:mysql:mysql:4.1.2</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10">cpe:/a:mysql:mysql:4.1.10</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.11">cpe:/a:mysql:mysql:4.1.11</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12">cpe:/a:mysql:mysql:4.1.12</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13">cpe:/a:mysql:mysql:4.1.13</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14">cpe:/a:mysql:mysql:4.1.14</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15">cpe:/a:mysql:mysql:4.1.15</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.16">cpe:/a:mysql:mysql:4.1.16</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.17">cpe:/a:mysql:mysql:4.1.17</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.18">cpe:/a:mysql:mysql:4.1.18</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.19">cpe:/a:mysql:mysql:4.1.19</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.20">cpe:/a:mysql:mysql:4.1.20</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.21">cpe:/a:mysql:mysql:4.1.21</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.22">cpe:/a:mysql:mysql:4.1.22</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.23">cpe:/a:mysql:mysql:4.1.23</a>  and all previous versions</li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.25">cpe:/a:mysql:mysql:5.0.25</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51">cpe:/a:mysql:mysql:5.0.51</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a>  and all previous versions</li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.0">cpe:/a:mysql:mysql:6.0.0</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.1">cpe:/a:mysql:mysql:6.0.1</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.2">cpe:/a:mysql:mysql:6.0.2</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.3">cpe:/a:mysql:mysql:6.0.3</a> </li>
                                                                    <li class="vs222 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.4">cpe:/a:mysql:mysql:6.0.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0226">CVE-2008-0226</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2008-0226')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) &quot;input_buffer&amp; operator&gt;&gt;&quot; in yassl_imp.cpp.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html">APPLE-SA-2008-10-09</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27140">27140</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31681">31681</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485810/100/0/threaded">20080104 Multiple vulnerabilities in yaSSL 1.7.5</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485811/100/0/threaded">20080104 Pre-auth buffer-overflow in mySQL through yaSSL</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/33814">http://bugs.mysql.com/33814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3216">http://support.apple.com/kb/HT3216</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1478">DSA-1478</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:150">MDVSA-2008:150</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/3531">3531</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-588-1">USN-588-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0560/references">ADV-2008-0560</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2780">ADV-2008-2780</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39431">yassl-inputbufferoperator-bo(39431)</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39429">yassl-processoldclienthello-bo(39429)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs223', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs223"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs223">...</li>
                                                                    <li class="vs223 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                    <li class="vs223 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ayassl%3Ayassl%3A1.7.5">cpe:/a:yassl:yassl:1.7.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5925">CVE-2007-5925</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2007-5925')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26353">26353</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.gentoo.org/show_bug.cgi?id=198988">http://bugs.gentoo.org/show_bug.cgi?id=198988</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=32125">http://bugs.mysql.com/bug.php?id=32125</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1413">DSA-1413</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html">FEDORA-2007-4465</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html">FEDORA-2007-4471</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html">20071106 MySQL 5.x DoS (unknown)</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200711-25.xml">GLSA-200711-25</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:243">MDKSA-2007:243</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-1155.html">RHSA-2007:1155</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-1157.html">RHSA-2007:1157</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018978">1018978</a></li>
                                                                            <li>SLACKWARE - <a target="_blank" href="http://slackware.com/security/viewer.php?l=slackware-security&amp;y=2007&amp;m=slackware-security.428959">SSA:2007-348-01</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-559-1">USN-559-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3903">ADV-2007-3903</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/38284">mysql-hainnodb-dos(38284)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs224"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2691">CVE-2007-2691</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2007-2691')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)
                            </p>
                            <p>MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html">APPLE-SA-2008-10-09</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24016">24016</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31681">31681</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded">20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3216">http://support.apple.com/kb/HT3216</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1536">https://issues.rpath.com/browse/RPL-1536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1413">DSA-1413</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:139">MDKSA-2007:139</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=27515">http://bugs.mysql.com/bug.php?id=27515</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.mysql.com/announce/470">[announce] 20070712 MySQL Community Server 5.0.45 has been released!</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0894.html">RHSA-2007:0894</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0768.html">RHSA-2008:0768</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018069">1018069</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-528-1">USN-528-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1804">ADV-2007-1804</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2780">ADV-2008-2780</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34347">mysql-renametable-weak-security(34347)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs225', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs225"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a>  and all previous versions</li>
                                    <li class="vs225">...</li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1">cpe:/a:mysql:mysql:4.1</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0">cpe:/a:mysql:mysql:4.1.0</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0%3Aalpha">cpe:/a:mysql:mysql:4.1.0:alpha</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0.0">cpe:/a:mysql:mysql:4.1.0.0</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.1">cpe:/a:mysql:mysql:4.1.1</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2">cpe:/a:mysql:mysql:4.1.2</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2%3Aalpha">cpe:/a:mysql:mysql:4.1.2:alpha</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10">cpe:/a:mysql:mysql:4.1.10</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10a">cpe:/a:mysql:mysql:4.1.10a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.11">cpe:/a:mysql:mysql:4.1.11</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12">cpe:/a:mysql:mysql:4.1.12</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12a">cpe:/a:mysql:mysql:4.1.12a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13">cpe:/a:mysql:mysql:4.1.13</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13a">cpe:/a:mysql:mysql:4.1.13a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14">cpe:/a:mysql:mysql:4.1.14</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14a">cpe:/a:mysql:mysql:4.1.14a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15">cpe:/a:mysql:mysql:4.1.15</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15a">cpe:/a:mysql:mysql:4.1.15a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.16">cpe:/a:mysql:mysql:4.1.16</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.17">cpe:/a:mysql:mysql:4.1.17</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.18">cpe:/a:mysql:mysql:4.1.18</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.19">cpe:/a:mysql:mysql:4.1.19</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.20">cpe:/a:mysql:mysql:4.1.20</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.21">cpe:/a:mysql:mysql:4.1.21</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.22">cpe:/a:mysql:mysql:4.1.22</a>  and all previous versions</li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a>  and all previous versions</li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.8">cpe:/a:mysql:mysql:5.1.8</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs225 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2583">CVE-2007-2583</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2007-2583')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/23911">23911</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=27513">http://bugs.mysql.com/bug.php?id=27513</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://lists.mysql.com/commits/23685">http://lists.mysql.com/commits/23685</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1356">https://issues.rpath.com/browse/RPL-1356</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1413">DSA-1413</a></li>
                                                                            <li>EXPLOIT-DB - <a target="_blank" href="http://www.exploit-db.com/exploits/30020">30020</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-11.xml">GLSA-200705-11</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:139">MDKSA-2007:139</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/124295/MySQL-5.0.x-Denial-Of-Service.html">http://packetstormsecurity.com/files/124295/MySQL-5.0.x-Denial-Of-Service.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2007/0017/">2007-0017</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-528-1">USN-528-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1731">ADV-2007-1731</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34232">mysql-if-dos(34232)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs226', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs226"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a>  and all previous versions</li>
                                    <li class="vs226">...</li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a>  and all previous versions</li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs226 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1420">CVE-2007-1420</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2007-1420')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/22900">22900</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/462339/100/0/threaded">20070309 SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=24630">http://bugs.mysql.com/bug.php?id=24630</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html">http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1127">https://issues.rpath.com/browse/RPL-1127</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-11.xml">GLSA-200705-11</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:139">MDKSA-2007:139</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/284.html">http://www.sec-consult.com/284.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1017746">1017746</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2413">2413</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-440-1">USN-440-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/0908">ADV-2007-0908</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs227', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs227"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a>  and all previous versions</li>
                                    <li class="vs227">...</li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a>  and all previous versions</li>
                                                                    <li class="vs227 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7232">CVE-2006-7232</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2006-7232')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
                            </p>
                            <p>sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/28351">28351</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=22413">http://bugs.mysql.com/bug.php?id=22413</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html">http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html">SUSE-SR:2008:017</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-588-1">USN-588-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs228', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs228"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a>  and all previous versions</li>
                                    <li class="vs228">...</li>
                                                                    <li class="vs228 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a>  and all previous versions</li>
                                                                    <li class="vs228 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0837">CVE-2004-0837</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2004-0837')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/11357">11357</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=110140517515735&amp;w=2">20041125 [USN-32-1] mysql vulnerabilities</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000892">CLA-2004:892</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-562">DSA-562</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml">GLSA-200410-22</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/2408">http://bugs.mysql.com/2408</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/16168">http://lists.mysql.com/internals/16168</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/16173">http://lists.mysql.com/internals/16173</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/16174">http://lists.mysql.com/internals/16174</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15">http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-611.html">RHSA-2004:611</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1011606">1011606</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1">101864</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2004/0054/">2004-0054</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17667">mysql-union-dos(17667)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs229', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs229"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                    <li class="vs229">...</li>
                                                                    <li class="vs229 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                                                    <li class="vs229 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0836">CVE-2004-0836</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2004-0836')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/10981">10981</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=110140517515735&amp;w=2">20041125 [USN-32-1] mysql vulnerabilities</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000892">CLA-2004:892</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-562">DSA-562</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml">GLSA-200410-22</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=4017">http://bugs.mysql.com/bug.php?id=4017</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/14726">http://lists.mysql.com/internals/14726</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-611.html">RHSA-2004:611</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2004/0054/">2004-0054</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17047">mysql-realconnect-bo(17047)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs230', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs230"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                    <li class="vs230">...</li>
                                                                    <li class="vs230 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                                                    <li class="vs230 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0835">CVE-2004-0835</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2004-0835')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/11357">11357</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000892">CLA-2004:892</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html">http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html">http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-562">DSA-562</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml">GLSA-200410-22</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=3270">http://bugs.mysql.com/bug.php?id=3270</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/13073">http://lists.mysql.com/internals/13073</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-611.html">RHSA-2004:611</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1011606">1011606</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1">101864</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2004/0054/">2004-0054</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17666">mysql-alter-restriction-bypass(17666)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs231', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs231"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.59">cpe:/a:mysql:mysql:3.23.59</a>  and all previous versions</li>
                                    <li class="vs231">...</li>
                                                                    <li class="vs231 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.59">cpe:/a:mysql:mysql:3.23.59</a>  and all previous versions</li>
                                                                    <li class="vs231 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0457">CVE-2004-0457</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2004-0457')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
                                                                    <ul>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-540">DSA-540</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17030">mysql-mysqlhotcopy-insecure-file(17030)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs232"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.20">cpe:/a:mysql:mysql:4.0.20</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1331">CVE-2003-1331</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2003-1331')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
                            </p>
                            <p>Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/7887">7887</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=564">http://bugs.mysql.com/bug.php?id=564</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/1303.html">20030612 libmysqlclient 4.x and below mysql_real_connect() buffer overflow.</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/12337">mysql-mysqlrealconnect-bo(12337)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs233"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.9%3Agamma">cpe:/a:mysql:mysql:4.0.9:gamma</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1454">CVE-2001-1454</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2001-1454')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/161917">20010209 Some more MySql security issues</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/367320">VU#367320</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/mysql/en/news-3-23-33.html">http://dev.mysql.com/doc/mysql/en/news-3-23-33.html</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/6419">mysql-drop-database-bo(6419)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs234"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.32">cpe:/a:mysql:mysql:3.23.32</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1275">CVE-2001-1275</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2001-1275')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
                            </p>
                            <p>MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
                                                                    <ul>
                                                                            <li>CALDERA - <a target="_blank" href="http://www.calderasystems.com/support/security/advisories/CSSA-2001-006.0.txt">CSSA-2001-006.0</a></li>
                                                                            <li>FREEBSD - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=98089552030459&amp;w=2">FreeBSD-SA-01:16</a></li>
                                                                            <li>MANDRAKE - <a target="_blank" href="http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-014.php3">MDKSA-2001:014</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2001-003.html">RHSA-2001:003</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs235"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.31">cpe:/a:mysql:mysql:3.23.31</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1274">CVE-2001-1274</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2001-1274')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
                                                                    <ul>
                                                                            <li>CALDERA - <a target="_blank" href="http://www.calderasystems.com/support/security/advisories/CSSA-2001-006.0.txt">CSSA-2001-006.0</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000375">CLA-2001:375</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.3">http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.3</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2001/dsa-013">DSA-013</a></li>
                                                                            <li>FREEBSD - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=98089552030459&amp;w=2">FreeBSD-SA-01:16</a></li>
                                                                            <li>MANDRAKE - <a target="_blank" href="http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-014.php3">MDKSA-2001:014</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2001-003.html">RHSA-2001:003</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs236"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.31">cpe:/a:mysql:mysql:3.23.31</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0407">CVE-2001-0407</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql.dbdefinition-1.0.4.v201109022331.jar', '7b1abc387591d4a9427bb13344243a220a5d751b', 'cve', 'CVE-2001-0407')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/2522">2522</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0237.html">20010318 potential vulnerability of mysqld running with root privileges (can be used as good DoS or r00t expoloit)</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0396.html">20010327 MySQL 3.23.36 is relased (fwd)</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/6617.php">mysql-dot-directory-traversal(6617)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs237"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.36">cpe:/a:mysql:mysql:3.23.36</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l324_b8862d790cf4715ce8b1a5c54d9fa9ee2557154f"></a>org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.mysql\1.0.4.v201212120617\b8862d790cf4715ce8b1a5c54d9fa9ee2557154f\org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar<br/>
                            <b>MD5:</b>&nbsp;44f378e79fa8e6401887f374b6a8ebad<br/>
                            <b>SHA1:</b>&nbsp;b8862d790cf4715ce8b1a5c54d9fa9ee2557154f
                                                                                </p>
                                                <h4 id="header707" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content707" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.mysql</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.4.v201212120617</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.4.v20121212</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mysql</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.mysql; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.4.v201212120617</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.emf.ecore;bundle-version=&quot;[2.2.0,3.0.0)&quot;,org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.modelbase.dbdefinition;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[0.9.0,1.5.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[1.0.1,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.mysql</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.mysql_1.0.4.v201212120617.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.4.v201212120617</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header708" class="subsectionheader white">Identifiers</h4>
                                                <div id="content708" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Amysql%3Amysql" target="_blank">cpe:/a:mysql:mysql:1.0.4.v20121212</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cpe', 'cpe:/a:mysql:mysql:1.0.4.v20121212')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.mysql/1.0.4.v201212120617/org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.mysql:1.0.4.v201212120617</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header709" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content709" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2575">CVE-2015-2575</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2015-2575')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
                            </p>
                            <p>Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/74075">74075</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html">http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3621">DSA-3621</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1032121">1032121</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html">SUSE-SU-2015:0946</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html">openSUSE-SU-2015:0967</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs238"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0001">CVE-2014-0001</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2014-0001')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65298">65298</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64">http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1054592">https://bugzilla.redhat.com/show_bug.cgi?id=1054592</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://mariadb.com/kb/en/mariadb-5535-changelog/">https://mariadb.com/kb/en/mariadb-5535-changelog/</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201409-04.xml">GLSA-201409-04</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2014:029">MDVSA-2014:029</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0164.html">RHSA-2014:0164</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0173.html">RHSA-2014:0173</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0186.html">RHSA-2014:0186</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0189.html">RHSA-2014:0189</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs239', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs239"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs239">...</li>
                                                                    <li class="vs239 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.34">cpe:/a:mariadb:mariadb:5.5.34</a>  and all previous versions</li>
                                                                    <li class="vs239 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0375">CVE-2013-0375</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2013-0375')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
                            </p>
                            <p>Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html">http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201308-06.xml">GLSA-201308-06</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2013:150">MDVSA-2013:150</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0219.html">RHSA-2013:0219</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1703-1">USN-1703-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs240', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs240"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a>  and all previous versions</li>
                                    <li class="vs240">...</li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a>  and all previous versions</li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.48">cpe:/a:mysql:mysql:5.1.48</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.49">cpe:/a:mysql:mysql:5.1.49</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.49%3Asp1">cpe:/a:mysql:mysql:5.1.49:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.50">cpe:/a:mysql:mysql:5.1.50</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.51">cpe:/a:oracle:mysql:5.1.51</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.52">cpe:/a:oracle:mysql:5.1.52</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.52%3Asp1">cpe:/a:oracle:mysql:5.1.52:sp1</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.53">cpe:/a:oracle:mysql:5.1.53</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.54">cpe:/a:oracle:mysql:5.1.54</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.55">cpe:/a:oracle:mysql:5.1.55</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.56">cpe:/a:oracle:mysql:5.1.56</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.57">cpe:/a:oracle:mysql:5.1.57</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.58">cpe:/a:oracle:mysql:5.1.58</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.59">cpe:/a:oracle:mysql:5.1.59</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.60">cpe:/a:oracle:mysql:5.1.60</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.61">cpe:/a:oracle:mysql:5.1.61</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.62">cpe:/a:oracle:mysql:5.1.62</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.63">cpe:/a:oracle:mysql:5.1.63</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.64">cpe:/a:oracle:mysql:5.1.64</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.65">cpe:/a:oracle:mysql:5.1.65</a> </li>
                                                                    <li class="vs240 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Amysql%3A5.1.66">cpe:/a:oracle:mysql:5.1.66</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5627">CVE-2012-5627</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2012-5627')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
                                                            <br/>CWE: CWE-255 Credentials Management
                            </p>
                            <p>Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://mariadb.atlassian.net/browse/MDEV-3915">https://mariadb.atlassian.net/browse/MDEV-3915</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2012/Dec/58">20121203 MySQL Local/Remote FAST Account Password Cracking</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2012/Dec/83">20121205 Re: MySQL Local/Remote FAST Account Password	Cracking</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201308-06.xml">GLSA-201308-06</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2013:102">MDVSA-2013:102</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=883719">https://bugzilla.redhat.com/show_bug.cgi?id=883719</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://seclists.org/oss-sec/2012/q4/424">[oss-security] 20121206 Re: CVE request: Mysql/Mariadb insecure salt-usage</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs241', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs241"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs241">...</li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.0">cpe:/a:mariadb:mariadb:5.2.0</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.1">cpe:/a:mariadb:mariadb:5.2.1</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.2">cpe:/a:mariadb:mariadb:5.2.2</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.3">cpe:/a:mariadb:mariadb:5.2.3</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.4">cpe:/a:mariadb:mariadb:5.2.4</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.5">cpe:/a:mariadb:mariadb:5.2.5</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.6">cpe:/a:mariadb:mariadb:5.2.6</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.7">cpe:/a:mariadb:mariadb:5.2.7</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.8">cpe:/a:mariadb:mariadb:5.2.8</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.9">cpe:/a:mariadb:mariadb:5.2.9</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.10">cpe:/a:mariadb:mariadb:5.2.10</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.11">cpe:/a:mariadb:mariadb:5.2.11</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.12">cpe:/a:mariadb:mariadb:5.2.12</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.2.13">cpe:/a:mariadb:mariadb:5.2.13</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.0">cpe:/a:mariadb:mariadb:5.3.0</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.1">cpe:/a:mariadb:mariadb:5.3.1</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.2">cpe:/a:mariadb:mariadb:5.3.2</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.3">cpe:/a:mariadb:mariadb:5.3.3</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.4">cpe:/a:mariadb:mariadb:5.3.4</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.5">cpe:/a:mariadb:mariadb:5.3.5</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.6">cpe:/a:mariadb:mariadb:5.3.6</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.7">cpe:/a:mariadb:mariadb:5.3.7</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.8">cpe:/a:mariadb:mariadb:5.3.8</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.9">cpe:/a:mariadb:mariadb:5.3.9</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.10">cpe:/a:mariadb:mariadb:5.3.10</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.3.11">cpe:/a:mariadb:mariadb:5.3.11</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.20">cpe:/a:mariadb:mariadb:5.5.20</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.21">cpe:/a:mariadb:mariadb:5.5.21</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.22">cpe:/a:mariadb:mariadb:5.5.22</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.23">cpe:/a:mariadb:mariadb:5.5.23</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.24">cpe:/a:mariadb:mariadb:5.5.24</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.25">cpe:/a:mariadb:mariadb:5.5.25</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.27">cpe:/a:mariadb:mariadb:5.5.27</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amariadb%3Amariadb%3A5.5.28">cpe:/a:mariadb:mariadb:5.5.28</a> </li>
                                                                    <li class="vs241 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3682">CVE-2010-3682</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2010-3682')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                            </p>
                            <p>Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted &quot;SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)&quot; statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html">APPLE-SA-2011-06-23-1</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/42599">42599</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=52711">http://bugs.mysql.com/bug.php?id=52711</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html">http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT4723">http://support.apple.com/kb/HT4723</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=628328">https://bugzilla.redhat.com/show_bug.cgi?id=628328</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2011/dsa-2143">DSA-2143</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:155">MDVSA-2010:155</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:222">MDVSA-2010:222</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2011:012">MDVSA-2011:012</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/09/28/10">[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0825.html">RHSA-2010:0825</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2011-0164.html">RHSA-2011:0164</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html">SUSE-SR:2010:019</a></li>
                                                                            <li>TURBO - <a target="_blank" href="http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt">TLSA-2011-3</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1017-1">USN-1017-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0105">ADV-2011-0105</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0133">ADV-2011-0133</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0170">ADV-2011-0170</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0345">ADV-2011-0345</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/64684">mysql-itemsinglerowsubselect-dos(64684)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs242', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs242"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                    <li class="vs242">...</li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.28">cpe:/a:mysql:mysql:5.0.28</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.34">cpe:/a:mysql:mysql:5.0.34</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36%3Asp1">cpe:/a:mysql:mysql:5.0.36:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.40">cpe:/a:mysql:mysql:5.0.40</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44%3Asp1">cpe:/a:mysql:mysql:5.0.44:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.46">cpe:/a:mysql:mysql:5.0.46</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.48">cpe:/a:mysql:mysql:5.0.48</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Aa">cpe:/a:mysql:mysql:5.0.51:a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Ab">cpe:/a:mysql:mysql:5.0.51:b</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56%3Asp1">cpe:/a:mysql:mysql:5.0.56:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.58">cpe:/a:mysql:mysql:5.0.58</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.60">cpe:/a:mysql:mysql:5.0.60</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.62">cpe:/a:mysql:mysql:5.0.62</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.64">cpe:/a:mysql:mysql:5.0.64</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66">cpe:/a:mysql:mysql:5.0.66</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Aa">cpe:/a:mysql:mysql:5.0.66:a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Asp1">cpe:/a:mysql:mysql:5.0.66:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.67">cpe:/a:mysql:mysql:5.0.67</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.68">cpe:/a:mysql:mysql:5.0.68</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.70">cpe:/a:mysql:mysql:5.0.70</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72">cpe:/a:mysql:mysql:5.0.72</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72%3Asp1">cpe:/a:mysql:mysql:5.0.72:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74">cpe:/a:mysql:mysql:5.0.74</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74%3Asp1">cpe:/a:mysql:mysql:5.0.74:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.76">cpe:/a:mysql:mysql:5.0.76</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.78">cpe:/a:mysql:mysql:5.0.78</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.79">cpe:/a:mysql:mysql:5.0.79</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.80">cpe:/a:mysql:mysql:5.0.80</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82%3Asp1">cpe:/a:mysql:mysql:5.0.82:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84%3Asp1">cpe:/a:mysql:mysql:5.0.84:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87%3Asp1">cpe:/a:mysql:mysql:5.0.87:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.88">cpe:/a:mysql:mysql:5.0.88</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.89">cpe:/a:mysql:mysql:5.0.89</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.90">cpe:/a:mysql:mysql:5.0.90</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a> </li>
                                                                    <li class="vs242 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.48">cpe:/a:mysql:mysql:5.1.48</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3677">CVE-2010-3677</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2010-3677')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html">APPLE-SA-2011-06-23-1</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/42646">42646</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html">http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT4723">http://support.apple.com/kb/HT4723</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=628040">https://bugzilla.redhat.com/show_bug.cgi?id=628040</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2011/dsa-2143">DSA-2143</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:155">MDVSA-2010:155</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:222">MDVSA-2010:222</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2011:012">MDVSA-2011:012</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=54575">http://bugs.mysql.com/bug.php?id=54575</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/09/28/10">[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0825.html">RHSA-2010:0825</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2011-0164.html">RHSA-2011:0164</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html">SUSE-SR:2010:019</a></li>
                                                                            <li>TURBO - <a target="_blank" href="http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt">TLSA-2011-3</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1017-1">USN-1017-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0105">ADV-2011-0105</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0133">ADV-2011-0133</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0170">ADV-2011-0170</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0345">ADV-2011-0345</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/64688">mysql-setcolumn-dos(64688)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs243', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs243"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                    <li class="vs243">...</li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.28">cpe:/a:mysql:mysql:5.0.28</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.34">cpe:/a:mysql:mysql:5.0.34</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36%3Asp1">cpe:/a:mysql:mysql:5.0.36:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.40">cpe:/a:mysql:mysql:5.0.40</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44%3Asp1">cpe:/a:mysql:mysql:5.0.44:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.46">cpe:/a:mysql:mysql:5.0.46</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.48">cpe:/a:mysql:mysql:5.0.48</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Aa">cpe:/a:mysql:mysql:5.0.51:a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51%3Ab">cpe:/a:mysql:mysql:5.0.51:b</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56%3Asp1">cpe:/a:mysql:mysql:5.0.56:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.58">cpe:/a:mysql:mysql:5.0.58</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.60">cpe:/a:mysql:mysql:5.0.60</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.62">cpe:/a:mysql:mysql:5.0.62</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.64">cpe:/a:mysql:mysql:5.0.64</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66">cpe:/a:mysql:mysql:5.0.66</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Aa">cpe:/a:mysql:mysql:5.0.66:a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66%3Asp1">cpe:/a:mysql:mysql:5.0.66:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.67">cpe:/a:mysql:mysql:5.0.67</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.68">cpe:/a:mysql:mysql:5.0.68</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.70">cpe:/a:mysql:mysql:5.0.70</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72">cpe:/a:mysql:mysql:5.0.72</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.72%3Asp1">cpe:/a:mysql:mysql:5.0.72:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74">cpe:/a:mysql:mysql:5.0.74</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.74%3Asp1">cpe:/a:mysql:mysql:5.0.74:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.76">cpe:/a:mysql:mysql:5.0.76</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.78">cpe:/a:mysql:mysql:5.0.78</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.79">cpe:/a:mysql:mysql:5.0.79</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.80">cpe:/a:mysql:mysql:5.0.80</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82%3Asp1">cpe:/a:mysql:mysql:5.0.82:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84%3Asp1">cpe:/a:mysql:mysql:5.0.84:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87%3Asp1">cpe:/a:mysql:mysql:5.0.87:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.88">cpe:/a:mysql:mysql:5.0.88</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.89">cpe:/a:mysql:mysql:5.0.89</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.90">cpe:/a:mysql:mysql:5.0.90</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a>  and all previous versions</li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a> </li>
                                                                    <li class="vs243 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.48">cpe:/a:mysql:mysql:5.1.48</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2008">CVE-2010-2008</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2010-2008')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/41198">41198</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=53804">http://bugs.mysql.com/bug.php?id=53804</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html">FEDORA-2010-11135</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:155">MDVSA-2010:155</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1024160">1024160</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1017-1">USN-1017-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1918">ADV-2010-1918</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs244', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs244"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a>  and all previous versions</li>
                                    <li class="vs244">...</li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.8">cpe:/a:mysql:mysql:5.1.8</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43%3Asp1">cpe:/a:mysql:mysql:5.1.43:sp1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46">cpe:/a:mysql:mysql:5.1.46</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.46%3Asp1">cpe:/a:mysql:mysql:5.1.46:sp1</a> </li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.47">cpe:/a:mysql:mysql:5.1.47</a>  and all previous versions</li>
                                                                    <li class="vs244 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1626">CVE-2010-1626</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2010-1626')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)
                                                            <br/>CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
                            </p>
                            <p>MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/40257">40257</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=40980">http://bugs.mysql.com/bug.php?id=40980</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:101">MDVSA-2010:101</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/05/10/2">[oss-security] 20100510 Re: A mysql flaw.</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/05/18/4">[oss-security] 20100518 Re: A mysql flaw.</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0442.html">RHSA-2010:0442</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1024004">1024004</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html">SUSE-SR:2010:019</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html">SUSE-SR:2010:021</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1194">ADV-2010-1194</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs245', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs245"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a>  and all previous versions</li>
                                    <li class="vs245">...</li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45b">cpe:/a:mysql:mysql:5.0.45b</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51a">cpe:/a:mysql:mysql:5.0.51a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51b">cpe:/a:mysql:mysql:5.0.51b</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.67">cpe:/a:mysql:mysql:5.0.67</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.88">cpe:/a:mysql:mysql:5.0.88</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.89">cpe:/a:mysql:mysql:5.0.89</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.90">cpe:/a:mysql:mysql:5.0.90</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.91">cpe:/a:mysql:mysql:5.0.91</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.41">cpe:/a:mysql:mysql:5.1.41</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.42">cpe:/a:mysql:mysql:5.1.42</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.43">cpe:/a:mysql:mysql:5.1.43</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.44">cpe:/a:mysql:mysql:5.1.44</a> </li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a>  and all previous versions</li>
                                                                    <li class="vs245 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1621">CVE-2010-1621</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2010-1621')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/39543">39543</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=51770">http://bugs.mysql.com/bug.php?id=51770</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:093">MDVSA-2010:093</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs246"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.45">cpe:/a:mysql:mysql:5.1.45</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4028">CVE-2009-4028</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2009-4028')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/47320">http://bugs.mysql.com/47320</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html">http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.mysql.com/commits/87446">[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2009/11/19/3">[oss-security] 20091119 mysql-5.1.41</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=oss-security&amp;m=125881733826437&amp;w=2">[oss-security] 20091121 CVE Request - MySQL - 5.0.88</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2009/11/23/16">[oss-security] 20091123 Re: mysql-5.1.41</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0109.html">RHSA-2010:0109</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html">SUSE-SR:2010:011</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1107">ADV-2010-1107</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs247', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs247"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a>  and all previous versions</li>
                                    <li class="vs247">...</li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51a">cpe:/a:mysql:mysql:5.0.51a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51b">cpe:/a:mysql:mysql:5.0.51b</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.25">cpe:/a:mysql:mysql:5.0.25</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.26">cpe:/a:mysql:mysql:5.0.26</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51">cpe:/a:mysql:mysql:5.0.51</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.60">cpe:/a:mysql:mysql:5.0.60</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.66">cpe:/a:mysql:mysql:5.0.66</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.75">cpe:/a:mysql:mysql:5.0.75</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.77">cpe:/a:mysql:mysql:5.0.77</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.81">cpe:/a:mysql:mysql:5.0.81</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.82">cpe:/a:mysql:mysql:5.0.82</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.83">cpe:/a:mysql:mysql:5.0.83</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.84">cpe:/a:mysql:mysql:5.0.84</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.85">cpe:/a:mysql:mysql:5.0.85</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.86">cpe:/a:mysql:mysql:5.0.86</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.87">cpe:/a:mysql:mysql:5.0.87</a>  and all previous versions</li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.8">cpe:/a:mysql:mysql:5.1.8</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32">cpe:/a:mysql:mysql:5.1.32</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.33">cpe:/a:mysql:mysql:5.1.33</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34">cpe:/a:mysql:mysql:5.1.34</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.34%3Asp1">cpe:/a:mysql:mysql:5.1.34:sp1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.35">cpe:/a:mysql:mysql:5.1.35</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.36">cpe:/a:mysql:mysql:5.1.36</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37">cpe:/a:mysql:mysql:5.1.37</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.37%3Asp1">cpe:/a:mysql:mysql:5.1.37:sp1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.38">cpe:/a:mysql:mysql:5.1.38</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.39">cpe:/a:mysql:mysql:5.1.39</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40">cpe:/a:mysql:mysql:5.1.40</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.40%3Asp1">cpe:/a:mysql:mysql:5.1.40:sp1</a> </li>
                                                                    <li class="vs247 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0819">CVE-2009-0819</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2009-0819')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                            </p>
                            <p>sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via &quot;an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML(),&quot; which triggers an assertion failure.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/33972">33972</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=42495">http://bugs.mysql.com/bug.php?id=42495</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/6.0/en/news-6-0-10.html">http://dev.mysql.com/doc/refman/6.0/en/news-6-0-10.html</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1021786">1021786</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2009/0594">ADV-2009-0594</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/49050">mysql-xpath-dos(49050)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs248', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs248"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a>  and all previous versions</li>
                                    <li class="vs248">...</li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23%3Aa">cpe:/a:mysql:mysql:5.1.23:a</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.24">cpe:/a:mysql:mysql:5.1.24</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.25">cpe:/a:mysql:mysql:5.1.25</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.26">cpe:/a:mysql:mysql:5.1.26</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.27">cpe:/a:mysql:mysql:5.1.27</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.28">cpe:/a:mysql:mysql:5.1.28</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.29">cpe:/a:mysql:mysql:5.1.29</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.30">cpe:/a:mysql:mysql:5.1.30</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31">cpe:/a:mysql:mysql:5.1.31</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.31%3Asp1">cpe:/a:mysql:mysql:5.1.31:sp1</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.32-bzr">cpe:/a:mysql:mysql:5.1.32-bzr</a>  and all previous versions</li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.0">cpe:/a:mysql:mysql:6.0.0</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.1">cpe:/a:mysql:mysql:6.0.1</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.2">cpe:/a:mysql:mysql:6.0.2</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.3">cpe:/a:mysql:mysql:6.0.3</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.4">cpe:/a:mysql:mysql:6.0.4</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.9">cpe:/a:mysql:mysql:6.0.9</a> </li>
                                                                    <li class="vs248 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.10-bzr">cpe:/a:mysql:mysql:6.0.10-bzr</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4098">CVE-2008-4098</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2008-4098')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
                            </p>
                            <p>MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=32167">http://bugs.mysql.com/bug.php?id=32167</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1662">DSA-1662</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:094">MDVSA-2009:094</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2008/09/09/20">[oss-security] 20080909 Re: CVE request: MySQL incomplete fix for CVE-2008-2079</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2008/09/16/3">[oss-security] 20080916 Re: CVE request: MySQL incomplete fix for CVE-2008-2079</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2009-1067.html">RHSA-2009:1067</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0110.html">RHSA-2010:0110</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html">SUSE-SR:2008:025</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-671-1">USN-671-1</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://ubuntu.com/usn/usn-897-1">USN-897-1</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/45649">mysql-myisam-symlink-security-bypass(45649)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs249', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs249"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs249">...</li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.20">cpe:/a:mysql:mysql:3.20</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.20.32a">cpe:/a:mysql:mysql:3.20.32a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.21">cpe:/a:mysql:mysql:3.21</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22">cpe:/a:mysql:mysql:3.22</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.26">cpe:/a:mysql:mysql:3.22.26</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.27">cpe:/a:mysql:mysql:3.22.27</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.28">cpe:/a:mysql:mysql:3.22.28</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.29">cpe:/a:mysql:mysql:3.22.29</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.30">cpe:/a:mysql:mysql:3.22.30</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.22.32">cpe:/a:mysql:mysql:3.22.32</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23">cpe:/a:mysql:mysql:3.23</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.0%3Aalpha">cpe:/a:mysql:mysql:3.23.0:alpha</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.1">cpe:/a:mysql:mysql:3.23.1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.2">cpe:/a:mysql:mysql:3.23.2</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.3">cpe:/a:mysql:mysql:3.23.3</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.4">cpe:/a:mysql:mysql:3.23.4</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.5">cpe:/a:mysql:mysql:3.23.5</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.6">cpe:/a:mysql:mysql:3.23.6</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.7">cpe:/a:mysql:mysql:3.23.7</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.8">cpe:/a:mysql:mysql:3.23.8</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.9">cpe:/a:mysql:mysql:3.23.9</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.10">cpe:/a:mysql:mysql:3.23.10</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.11">cpe:/a:mysql:mysql:3.23.11</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.12">cpe:/a:mysql:mysql:3.23.12</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.13">cpe:/a:mysql:mysql:3.23.13</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.14">cpe:/a:mysql:mysql:3.23.14</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.15">cpe:/a:mysql:mysql:3.23.15</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.16">cpe:/a:mysql:mysql:3.23.16</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.17">cpe:/a:mysql:mysql:3.23.17</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.18">cpe:/a:mysql:mysql:3.23.18</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.19">cpe:/a:mysql:mysql:3.23.19</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.20%3Abeta">cpe:/a:mysql:mysql:3.23.20:beta</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.21">cpe:/a:mysql:mysql:3.23.21</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.22">cpe:/a:mysql:mysql:3.23.22</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.23">cpe:/a:mysql:mysql:3.23.23</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.24">cpe:/a:mysql:mysql:3.23.24</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.25">cpe:/a:mysql:mysql:3.23.25</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.26">cpe:/a:mysql:mysql:3.23.26</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.27">cpe:/a:mysql:mysql:3.23.27</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.28">cpe:/a:mysql:mysql:3.23.28</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.28%3Agamma">cpe:/a:mysql:mysql:3.23.28:gamma</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.29">cpe:/a:mysql:mysql:3.23.29</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.30">cpe:/a:mysql:mysql:3.23.30</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.31">cpe:/a:mysql:mysql:3.23.31</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.32">cpe:/a:mysql:mysql:3.23.32</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.33">cpe:/a:mysql:mysql:3.23.33</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.34">cpe:/a:mysql:mysql:3.23.34</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.35">cpe:/a:mysql:mysql:3.23.35</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.36">cpe:/a:mysql:mysql:3.23.36</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.37">cpe:/a:mysql:mysql:3.23.37</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.38">cpe:/a:mysql:mysql:3.23.38</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.39">cpe:/a:mysql:mysql:3.23.39</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.40">cpe:/a:mysql:mysql:3.23.40</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.41">cpe:/a:mysql:mysql:3.23.41</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.42">cpe:/a:mysql:mysql:3.23.42</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.43">cpe:/a:mysql:mysql:3.23.43</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.44">cpe:/a:mysql:mysql:3.23.44</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.45">cpe:/a:mysql:mysql:3.23.45</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.46">cpe:/a:mysql:mysql:3.23.46</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.47">cpe:/a:mysql:mysql:3.23.47</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.48">cpe:/a:mysql:mysql:3.23.48</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.50">cpe:/a:mysql:mysql:3.23.50</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.51">cpe:/a:mysql:mysql:3.23.51</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.52">cpe:/a:mysql:mysql:3.23.52</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.53">cpe:/a:mysql:mysql:3.23.53</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.53a">cpe:/a:mysql:mysql:3.23.53a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.54">cpe:/a:mysql:mysql:3.23.54</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.54a">cpe:/a:mysql:mysql:3.23.54a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.55">cpe:/a:mysql:mysql:3.23.55</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.56">cpe:/a:mysql:mysql:3.23.56</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.57">cpe:/a:mysql:mysql:3.23.57</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.58">cpe:/a:mysql:mysql:3.23.58</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.59">cpe:/a:mysql:mysql:3.23.59</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.0">cpe:/a:mysql:mysql:4.0.0</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.1">cpe:/a:mysql:mysql:4.0.1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.2">cpe:/a:mysql:mysql:4.0.2</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.3">cpe:/a:mysql:mysql:4.0.3</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.4">cpe:/a:mysql:mysql:4.0.4</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.5">cpe:/a:mysql:mysql:4.0.5</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.5a">cpe:/a:mysql:mysql:4.0.5a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.6">cpe:/a:mysql:mysql:4.0.6</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.7">cpe:/a:mysql:mysql:4.0.7</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.7%3Agamma">cpe:/a:mysql:mysql:4.0.7:gamma</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.8">cpe:/a:mysql:mysql:4.0.8</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.8%3Agamma">cpe:/a:mysql:mysql:4.0.8:gamma</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.9">cpe:/a:mysql:mysql:4.0.9</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.9%3Agamma">cpe:/a:mysql:mysql:4.0.9:gamma</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.10">cpe:/a:mysql:mysql:4.0.10</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.11">cpe:/a:mysql:mysql:4.0.11</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.11%3Agamma">cpe:/a:mysql:mysql:4.0.11:gamma</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.12">cpe:/a:mysql:mysql:4.0.12</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.13">cpe:/a:mysql:mysql:4.0.13</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.14">cpe:/a:mysql:mysql:4.0.14</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.15">cpe:/a:mysql:mysql:4.0.15</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.16">cpe:/a:mysql:mysql:4.0.16</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.17">cpe:/a:mysql:mysql:4.0.17</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.18">cpe:/a:mysql:mysql:4.0.18</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.19">cpe:/a:mysql:mysql:4.0.19</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.20">cpe:/a:mysql:mysql:4.0.20</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.23">cpe:/a:mysql:mysql:4.0.23</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.24">cpe:/a:mysql:mysql:4.0.24</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.25">cpe:/a:mysql:mysql:4.0.25</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.26">cpe:/a:mysql:mysql:4.0.26</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.27">cpe:/a:mysql:mysql:4.0.27</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1">cpe:/a:mysql:mysql:4.1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0">cpe:/a:mysql:mysql:4.1.0</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0%3Aalpha">cpe:/a:mysql:mysql:4.1.0:alpha</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0.0">cpe:/a:mysql:mysql:4.1.0.0</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.1">cpe:/a:mysql:mysql:4.1.1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10a">cpe:/a:mysql:mysql:4.1.10a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12a">cpe:/a:mysql:mysql:4.1.12a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13a">cpe:/a:mysql:mysql:4.1.13a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14a">cpe:/a:mysql:mysql:4.1.14a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15a">cpe:/a:mysql:mysql:4.1.15a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2">cpe:/a:mysql:mysql:4.1.2</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2%3Aalpha">cpe:/a:mysql:mysql:4.1.2:alpha</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.3">cpe:/a:mysql:mysql:4.1.3</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.3%3Abeta">cpe:/a:mysql:mysql:4.1.3:beta</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.4">cpe:/a:mysql:mysql:4.1.4</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.5">cpe:/a:mysql:mysql:4.1.5</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.6">cpe:/a:mysql:mysql:4.1.6</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.7">cpe:/a:mysql:mysql:4.1.7</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.8">cpe:/a:mysql:mysql:4.1.8</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.9">cpe:/a:mysql:mysql:4.1.9</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10">cpe:/a:mysql:mysql:4.1.10</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.11">cpe:/a:mysql:mysql:4.1.11</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12">cpe:/a:mysql:mysql:4.1.12</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13">cpe:/a:mysql:mysql:4.1.13</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14">cpe:/a:mysql:mysql:4.1.14</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15">cpe:/a:mysql:mysql:4.1.15</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.16">cpe:/a:mysql:mysql:4.1.16</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.17">cpe:/a:mysql:mysql:4.1.17</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.18">cpe:/a:mysql:mysql:4.1.18</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.19">cpe:/a:mysql:mysql:4.1.19</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.20">cpe:/a:mysql:mysql:4.1.20</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.21">cpe:/a:mysql:mysql:4.1.21</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.22">cpe:/a:mysql:mysql:4.1.22</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.23">cpe:/a:mysql:mysql:4.1.23</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.8a">cpe:/a:mysql:mysql:4.1.8a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.25">cpe:/a:mysql:mysql:5.0.25</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51a">cpe:/a:mysql:mysql:5.0.51a</a> </li>
                                                                    <li class="vs249 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51b">cpe:/a:mysql:mysql:5.0.51b</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2079">CVE-2008-2079</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2008-2079')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html">APPLE-SA-2008-10-09</a></li>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html">APPLE-SA-2009-09-10-2</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/29106">29106</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31681">31681</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=32167">http://bugs.mysql.com/bug.php?id=32167</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html">http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html">http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html">http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3216">http://support.apple.com/kb/HT3216</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3865">http://support.apple.com/kb/HT3865</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1608">DSA-1608</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:149">MDVSA-2008:149</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:150">MDVSA-2008:150</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0505.html">RHSA-2008:0505</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0510.html">RHSA-2008:0510</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0768.html">RHSA-2008:0768</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2009-1289.html">RHSA-2009:1289</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1019995">1019995</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html">SUSE-SR:2008:017</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-671-1">USN-671-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1472/references">ADV-2008-1472</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2780">ADV-2008-2780</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/42267">mysql-myisam-security-bypass(42267)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs250', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs250"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.4">cpe:/a:mysql:mysql:6.0.4</a>  and all previous versions</li>
                                    <li class="vs250">...</li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0">cpe:/a:mysql:mysql:4.1.0</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.1">cpe:/a:mysql:mysql:4.1.1</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2">cpe:/a:mysql:mysql:4.1.2</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10">cpe:/a:mysql:mysql:4.1.10</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.11">cpe:/a:mysql:mysql:4.1.11</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12">cpe:/a:mysql:mysql:4.1.12</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13">cpe:/a:mysql:mysql:4.1.13</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14">cpe:/a:mysql:mysql:4.1.14</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15">cpe:/a:mysql:mysql:4.1.15</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.16">cpe:/a:mysql:mysql:4.1.16</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.17">cpe:/a:mysql:mysql:4.1.17</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.18">cpe:/a:mysql:mysql:4.1.18</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.19">cpe:/a:mysql:mysql:4.1.19</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.20">cpe:/a:mysql:mysql:4.1.20</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.21">cpe:/a:mysql:mysql:4.1.21</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.22">cpe:/a:mysql:mysql:4.1.22</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.23">cpe:/a:mysql:mysql:4.1.23</a>  and all previous versions</li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24a">cpe:/a:mysql:mysql:5.0.24a</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.23">cpe:/a:mysql:mysql:5.0.23</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.25">cpe:/a:mysql:mysql:5.0.25</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.36">cpe:/a:mysql:mysql:5.0.36</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.42">cpe:/a:mysql:mysql:5.0.42</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.44">cpe:/a:mysql:mysql:5.0.44</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.45">cpe:/a:mysql:mysql:5.0.45</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.50">cpe:/a:mysql:mysql:5.0.50</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.51">cpe:/a:mysql:mysql:5.0.51</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.52">cpe:/a:mysql:mysql:5.0.52</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.54">cpe:/a:mysql:mysql:5.0.54</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.56">cpe:/a:mysql:mysql:5.0.56</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23a">cpe:/a:mysql:mysql:5.1.23a</a>  and all previous versions</li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5a">cpe:/a:mysql:mysql:5.1.5a</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.18">cpe:/a:mysql:mysql:5.1.18</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.19">cpe:/a:mysql:mysql:5.1.19</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.20">cpe:/a:mysql:mysql:5.1.20</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.21">cpe:/a:mysql:mysql:5.1.21</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.22">cpe:/a:mysql:mysql:5.1.22</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23">cpe:/a:mysql:mysql:5.1.23</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.0">cpe:/a:mysql:mysql:6.0.0</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.1">cpe:/a:mysql:mysql:6.0.1</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.2">cpe:/a:mysql:mysql:6.0.2</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.3">cpe:/a:mysql:mysql:6.0.3</a> </li>
                                                                    <li class="vs250 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A6.0.4">cpe:/a:mysql:mysql:6.0.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0226">CVE-2008-0226</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2008-0226')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) &quot;input_buffer&amp; operator&gt;&gt;&quot; in yassl_imp.cpp.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html">APPLE-SA-2008-10-09</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27140">27140</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31681">31681</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485810/100/0/threaded">20080104 Multiple vulnerabilities in yaSSL 1.7.5</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485811/100/0/threaded">20080104 Pre-auth buffer-overflow in mySQL through yaSSL</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/33814">http://bugs.mysql.com/33814</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3216">http://support.apple.com/kb/HT3216</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1478">DSA-1478</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:150">MDVSA-2008:150</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/3531">3531</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-588-1">USN-588-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0560/references">ADV-2008-0560</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2780">ADV-2008-2780</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39431">yassl-inputbufferoperator-bo(39431)</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39429">yassl-processoldclienthello-bo(39429)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs251', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs251"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                    <li class="vs251">...</li>
                                                                    <li class="vs251 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql">cpe:/a:mysql:mysql</a> </li>
                                                                    <li class="vs251 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ayassl%3Ayassl%3A1.7.5">cpe:/a:yassl:yassl:1.7.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5925">CVE-2007-5925</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2007-5925')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26353">26353</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.gentoo.org/show_bug.cgi?id=198988">http://bugs.gentoo.org/show_bug.cgi?id=198988</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=32125">http://bugs.mysql.com/bug.php?id=32125</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1413">DSA-1413</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html">FEDORA-2007-4465</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html">FEDORA-2007-4471</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html">20071106 MySQL 5.x DoS (unknown)</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200711-25.xml">GLSA-200711-25</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:243">MDKSA-2007:243</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-1155.html">RHSA-2007:1155</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-1157.html">RHSA-2007:1157</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018978">1018978</a></li>
                                                                            <li>SLACKWARE - <a target="_blank" href="http://slackware.com/security/viewer.php?l=slackware-security&amp;y=2007&amp;m=slackware-security.428959">SSA:2007-348-01</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-559-1">USN-559-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3903">ADV-2007-3903</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/38284">mysql-hainnodb-dos(38284)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs252"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.23_bk">cpe:/a:mysql:mysql:5.1.23_bk</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2691">CVE-2007-2691</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2007-2691')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:N/I:P/A:P)
                            </p>
                            <p>MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html">APPLE-SA-2008-10-09</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/24016">24016</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/31681">31681</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded">20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT3216">http://support.apple.com/kb/HT3216</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1536">https://issues.rpath.com/browse/RPL-1536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1413">DSA-1413</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:139">MDKSA-2007:139</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=27515">http://bugs.mysql.com/bug.php?id=27515</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.mysql.com/announce/470">[announce] 20070712 MySQL Community Server 5.0.45 has been released!</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0894.html">RHSA-2007:0894</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0768.html">RHSA-2008:0768</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1018069">1018069</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-528-1">USN-528-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1804">ADV-2007-1804</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/2780">ADV-2008-2780</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34347">mysql-renametable-weak-security(34347)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs253', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs253"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a>  and all previous versions</li>
                                    <li class="vs253">...</li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1">cpe:/a:mysql:mysql:4.1</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0">cpe:/a:mysql:mysql:4.1.0</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0%3Aalpha">cpe:/a:mysql:mysql:4.1.0:alpha</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.0.0">cpe:/a:mysql:mysql:4.1.0.0</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.1">cpe:/a:mysql:mysql:4.1.1</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2">cpe:/a:mysql:mysql:4.1.2</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.2%3Aalpha">cpe:/a:mysql:mysql:4.1.2:alpha</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10">cpe:/a:mysql:mysql:4.1.10</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.10a">cpe:/a:mysql:mysql:4.1.10a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.11">cpe:/a:mysql:mysql:4.1.11</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12">cpe:/a:mysql:mysql:4.1.12</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.12a">cpe:/a:mysql:mysql:4.1.12a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13">cpe:/a:mysql:mysql:4.1.13</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.13a">cpe:/a:mysql:mysql:4.1.13a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14">cpe:/a:mysql:mysql:4.1.14</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.14a">cpe:/a:mysql:mysql:4.1.14a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15">cpe:/a:mysql:mysql:4.1.15</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.15a">cpe:/a:mysql:mysql:4.1.15a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.16">cpe:/a:mysql:mysql:4.1.16</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.17">cpe:/a:mysql:mysql:4.1.17</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.18">cpe:/a:mysql:mysql:4.1.18</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.19">cpe:/a:mysql:mysql:4.1.19</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.20">cpe:/a:mysql:mysql:4.1.20</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.21">cpe:/a:mysql:mysql:4.1.21</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.1.22">cpe:/a:mysql:mysql:4.1.22</a>  and all previous versions</li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a>  and all previous versions</li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.2">cpe:/a:mysql:mysql:5.1.2</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.3">cpe:/a:mysql:mysql:5.1.3</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.4">cpe:/a:mysql:mysql:5.1.4</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.5">cpe:/a:mysql:mysql:5.1.5</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.6">cpe:/a:mysql:mysql:5.1.6</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.7">cpe:/a:mysql:mysql:5.1.7</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.8">cpe:/a:mysql:mysql:5.1.8</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.9">cpe:/a:mysql:mysql:5.1.9</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs253 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2583">CVE-2007-2583</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2007-2583')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/23911">23911</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=27513">http://bugs.mysql.com/bug.php?id=27513</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://lists.mysql.com/commits/23685">http://lists.mysql.com/commits/23685</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1356">https://issues.rpath.com/browse/RPL-1356</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1413">DSA-1413</a></li>
                                                                            <li>EXPLOIT-DB - <a target="_blank" href="http://www.exploit-db.com/exploits/30020">30020</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-11.xml">GLSA-200705-11</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:139">MDKSA-2007:139</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/124295/MySQL-5.0.x-Denial-Of-Service.html">http://packetstormsecurity.com/files/124295/MySQL-5.0.x-Denial-Of-Service.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html">SUSE-SR:2008:003</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2007/0017/">2007-0017</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-528-1">USN-528-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1731">ADV-2007-1731</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/34232">mysql-if-dos(34232)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs254', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs254"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a>  and all previous versions</li>
                                    <li class="vs254">...</li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5.0.21">cpe:/a:mysql:mysql:5.0.5.0.21</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22.1.0.1">cpe:/a:mysql:mysql:5.0.22.1.0.1</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.37">cpe:/a:mysql:mysql:5.0.37</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.38">cpe:/a:mysql:mysql:5.0.38</a>  and all previous versions</li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1">cpe:/a:mysql:mysql:5.1</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.1">cpe:/a:mysql:mysql:5.1.1</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.10">cpe:/a:mysql:mysql:5.1.10</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.11">cpe:/a:mysql:mysql:5.1.11</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.12">cpe:/a:mysql:mysql:5.1.12</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.14">cpe:/a:mysql:mysql:5.1.14</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.15">cpe:/a:mysql:mysql:5.1.15</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.16">cpe:/a:mysql:mysql:5.1.16</a> </li>
                                                                    <li class="vs254 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.17">cpe:/a:mysql:mysql:5.1.17</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1420">CVE-2007-1420</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2007-1420')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/22900">22900</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/462339/100/0/threaded">20070309 SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=24630">http://bugs.mysql.com/bug.php?id=24630</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html">http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1127">https://issues.rpath.com/browse/RPL-1127</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-11.xml">GLSA-200705-11</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:139">MDKSA-2007:139</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.sec-consult.com/284.html">http://www.sec-consult.com/284.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1017746">1017746</a></li>
                                                                            <li>SREASON - <a target="_blank" href="http://securityreason.com/securityalert/2413">2413</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-440-1">USN-440-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/0908">ADV-2007-0908</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs255', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs255"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a>  and all previous versions</li>
                                    <li class="vs255">...</li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0">cpe:/a:mysql:mysql:5.0</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0">cpe:/a:mysql:mysql:5.0.0</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0%3Aalpha">cpe:/a:mysql:mysql:5.0.0:alpha</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.0.0">cpe:/a:mysql:mysql:5.0.0.0</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1">cpe:/a:mysql:mysql:5.0.1</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10">cpe:/a:mysql:mysql:5.0.10</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.10a">cpe:/a:mysql:mysql:5.0.10a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.11">cpe:/a:mysql:mysql:5.0.11</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.12">cpe:/a:mysql:mysql:5.0.12</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.13">cpe:/a:mysql:mysql:5.0.13</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.14">cpe:/a:mysql:mysql:5.0.14</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15">cpe:/a:mysql:mysql:5.0.15</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.15a">cpe:/a:mysql:mysql:5.0.15a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16">cpe:/a:mysql:mysql:5.0.16</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.16a">cpe:/a:mysql:mysql:5.0.16a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17">cpe:/a:mysql:mysql:5.0.17</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.17a">cpe:/a:mysql:mysql:5.0.17a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.1a">cpe:/a:mysql:mysql:5.0.1a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.2">cpe:/a:mysql:mysql:5.0.2</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20a">cpe:/a:mysql:mysql:5.0.20a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3">cpe:/a:mysql:mysql:5.0.3</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3%3Abeta">cpe:/a:mysql:mysql:5.0.3:beta</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.3a">cpe:/a:mysql:mysql:5.0.3a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4">cpe:/a:mysql:mysql:5.0.4</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.4a">cpe:/a:mysql:mysql:5.0.4a</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.5">cpe:/a:mysql:mysql:5.0.5</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.6">cpe:/a:mysql:mysql:5.0.6</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.7">cpe:/a:mysql:mysql:5.0.7</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.8">cpe:/a:mysql:mysql:5.0.8</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.9">cpe:/a:mysql:mysql:5.0.9</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.18">cpe:/a:mysql:mysql:5.0.18</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.19">cpe:/a:mysql:mysql:5.0.19</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.20">cpe:/a:mysql:mysql:5.0.20</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.21">cpe:/a:mysql:mysql:5.0.21</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.22">cpe:/a:mysql:mysql:5.0.22</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.24">cpe:/a:mysql:mysql:5.0.24</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.27">cpe:/a:mysql:mysql:5.0.27</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30">cpe:/a:mysql:mysql:5.0.30</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.32">cpe:/a:mysql:mysql:5.0.32</a> </li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.33">cpe:/a:mysql:mysql:5.0.33</a>  and all previous versions</li>
                                                                    <li class="vs255 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.41">cpe:/a:mysql:mysql:5.0.41</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7232">CVE-2006-7232</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2006-7232')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
                            </p>
                            <p>sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/28351">28351</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=22413">http://bugs.mysql.com/bug.php?id=22413</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html">http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0364.html">RHSA-2008:0364</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html">SUSE-SR:2008:017</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-588-1">USN-588-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs256', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs256"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a>  and all previous versions</li>
                                    <li class="vs256">...</li>
                                                                    <li class="vs256 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.0.30%3Asp1">cpe:/a:mysql:mysql:5.0.30:sp1</a>  and all previous versions</li>
                                                                    <li class="vs256 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A5.1.13">cpe:/a:mysql:mysql:5.1.13</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0837">CVE-2004-0837</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2004-0837')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/11357">11357</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=110140517515735&amp;w=2">20041125 [USN-32-1] mysql vulnerabilities</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000892">CLA-2004:892</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-562">DSA-562</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml">GLSA-200410-22</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/2408">http://bugs.mysql.com/2408</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/16168">http://lists.mysql.com/internals/16168</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/16173">http://lists.mysql.com/internals/16173</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/16174">http://lists.mysql.com/internals/16174</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15">http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-611.html">RHSA-2004:611</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1011606">1011606</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1">101864</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2004/0054/">2004-0054</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17667">mysql-union-dos(17667)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs257', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs257"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                    <li class="vs257">...</li>
                                                                    <li class="vs257 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                                                    <li class="vs257 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0836">CVE-2004-0836</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2004-0836')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/10981">10981</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=110140517515735&amp;w=2">20041125 [USN-32-1] mysql vulnerabilities</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000892">CLA-2004:892</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-562">DSA-562</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml">GLSA-200410-22</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=4017">http://bugs.mysql.com/bug.php?id=4017</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/14726">http://lists.mysql.com/internals/14726</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-611.html">RHSA-2004:611</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2004/0054/">2004-0054</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17047">mysql-realconnect-bo(17047)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs258', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs258"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                    <li class="vs258">...</li>
                                                                    <li class="vs258 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.49">cpe:/a:mysql:mysql:3.23.49</a>  and all previous versions</li>
                                                                    <li class="vs258 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0835">CVE-2004-0835</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2004-0835')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/11357">11357</a></li>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000892">CLA-2004:892</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html">http://www.mysql.org/doc/refman/4.1/en/news-4-0-19.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html">http://www.mysql.org/doc/refman/4.1/en/news-4-1-2.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-562">DSA-562</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml">GLSA-200410-22</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=3270">http://bugs.mysql.com/bug.php?id=3270</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://lists.mysql.com/internals/13073">http://lists.mysql.com/internals/13073</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-611.html">RHSA-2004:611</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1011606">1011606</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1">101864</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2004/0054/">2004-0054</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17666">mysql-alter-restriction-bypass(17666)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs259', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs259"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.59">cpe:/a:mysql:mysql:3.23.59</a>  and all previous versions</li>
                                    <li class="vs259">...</li>
                                                                    <li class="vs259 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.59">cpe:/a:mysql:mysql:3.23.59</a>  and all previous versions</li>
                                                                    <li class="vs259 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.21">cpe:/a:mysql:mysql:4.0.21</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0457">CVE-2004-0457</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2004-0457')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
                                                                    <ul>
                                                                            <li>CIAC - <a target="_blank" href="http://www.ciac.org/ciac/bulletins/p-018.shtml">P-018</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2004/dsa-540">DSA-540</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2004-597.html">RHSA-2004:597</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/17030">mysql-mysqlhotcopy-insecure-file(17030)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs260"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.20">cpe:/a:mysql:mysql:4.0.20</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1331">CVE-2003-1331</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2003-1331')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
                            </p>
                            <p>Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/7887">7887</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://bugs.mysql.com/bug.php?id=564">http://bugs.mysql.com/bug.php?id=564</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/1303.html">20030612 libmysqlclient 4.x and below mysql_real_connect() buffer overflow.</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/12337">mysql-mysqlrealconnect-bo(12337)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs261"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A4.0.9%3Agamma">cpe:/a:mysql:mysql:4.0.9:gamma</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1454">CVE-2001-1454</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2001-1454')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
                                                                    <ul>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/161917">20010209 Some more MySql security issues</a></li>
                                                                            <li>CERT-VN - <a target="_blank" href="http://www.kb.cert.org/vuls/id/367320">VU#367320</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://dev.mysql.com/doc/mysql/en/news-3-23-33.html">http://dev.mysql.com/doc/mysql/en/news-3-23-33.html</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/6419">mysql-drop-database-bo(6419)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs262"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.32">cpe:/a:mysql:mysql:3.23.32</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1275">CVE-2001-1275</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2001-1275')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
                            </p>
                            <p>MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
                                                                    <ul>
                                                                            <li>CALDERA - <a target="_blank" href="http://www.calderasystems.com/support/security/advisories/CSSA-2001-006.0.txt">CSSA-2001-006.0</a></li>
                                                                            <li>FREEBSD - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=98089552030459&amp;w=2">FreeBSD-SA-01:16</a></li>
                                                                            <li>MANDRAKE - <a target="_blank" href="http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-014.php3">MDKSA-2001:014</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2001-003.html">RHSA-2001:003</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs263"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.31">cpe:/a:mysql:mysql:3.23.31</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1274">CVE-2001-1274</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2001-1274')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
                                                                    <ul>
                                                                            <li>CALDERA - <a target="_blank" href="http://www.calderasystems.com/support/security/advisories/CSSA-2001-006.0.txt">CSSA-2001-006.0</a></li>
                                                                            <li>CONECTIVA - <a target="_blank" href="http://distro.conectiva.com.br/atualizacoes/?id=a&amp;anuncio=000375">CLA-2001:375</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.3">http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.3</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2001/dsa-013">DSA-013</a></li>
                                                                            <li>FREEBSD - <a target="_blank" href="http://marc.info/?l=bugtraq&amp;m=98089552030459&amp;w=2">FreeBSD-SA-01:16</a></li>
                                                                            <li>MANDRAKE - <a target="_blank" href="http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-014.php3">MDKSA-2001:014</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2001-003.html">RHSA-2001:003</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs264"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.31">cpe:/a:mysql:mysql:3.23.31</a>  and all previous versions</li>
                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0407">CVE-2001-0407</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.mysql-1.0.4.v201212120617.jar', 'b8862d790cf4715ce8b1a5c54d9fa9ee2557154f', 'cve', 'CVE-2001-0407')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                            </p>
                            <p>Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/2522">2522</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0237.html">20010318 potential vulnerability of mysqld running with root privileges (can be used as good DoS or r00t expoloit)</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2001-03/0396.html">20010327 MySQL 3.23.36 is relased (fwd)</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/static/6617.php">mysql-dot-directory-traversal(6617)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs265"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Amysql%3Amysql%3A3.23.36">cpe:/a:mysql:mysql:3.23.36</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l325_cc7814580f2fb5890c54681fec0f98b3e1386b51"></a>org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.oda.ws\1.2.6.v201403131825\cc7814580f2fb5890c54681fec0f98b3e1386b51\org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar<br/>
                            <b>MD5:</b>&nbsp;f38bc06778ddbd8297a522d6907f780b<br/>
                            <b>SHA1:</b>&nbsp;cc7814580f2fb5890c54681fec0f98b3e1386b51
                                                                                </p>
                                                <h4 id="header710" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content710" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.oda.ws</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.6.v201403131825</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.6.v20140313</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%plugin.name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.oda.ws; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.6.v201403131825</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity.oda;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity.oda.profile;bundle-version=&quot;[3.0.7,4.0.0)&quot;;resolution:=optional,org.eclipse.datatools.enablement.oda.xml;bundle-version=&quot;[1.2.0,2.0.0)&quot;,javax.wsdl;bundle-version=&quot;[1.5.0,1.6.0)&quot;,org.apache.xerces;bundle-version=&quot;[2.8.0,3.0.0)&quot;;resolution:=optional</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.oda.ws</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.oda.ws_1.2.6.v201403131825.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.6.v201403131825</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header711" class="subsectionheader white">Identifiers</h4>
                                                <div id="content711" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.2.6.v20140313
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar', 'cc7814580f2fb5890c54681fec0f98b3e1386b51', 'cpe', 'cpe:/a:eclipse:birt:1.2.6.v20140313')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oda.ws/1.2.6.v201403131825/org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oda.ws:1.2.6.v201403131825</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header712" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content712" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.oda.ws-1.2.6.v201403131825.jar', 'cc7814580f2fb5890c54681fec0f98b3e1386b51', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs266"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l326_b5be50518c251d4c022959aeb6f871d6fea33fcc"></a>org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.oda.xml\1.2.5.v201305031101\b5be50518c251d4c022959aeb6f871d6fea33fcc\org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar<br/>
                            <b>MD5:</b>&nbsp;58849f828c50fff8ef3e9be4ac636508<br/>
                            <b>SHA1:</b>&nbsp;b5be50518c251d4c022959aeb6f871d6fea33fcc
                                                                                </p>
                                                <h4 id="header713" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content713" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.oda.xml</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.5.v201305031101</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.5.v20130503</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oda</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%plugin.name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.oda.xml;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.5.v201305031101</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity.oda;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.apache.xerces;bundle-version=&quot;[2.8.0,3.0.0)&quot;,org.eclipse.datatools.connectivity.oda.profile;bundle-version=&quot;[3.0.7,4.0.0)&quot;;resolution:=optional</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.oda.xml</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.oda.xml_1.2.5.v201305031101.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.5.v201305031101</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header714" class="subsectionheader white">Identifiers</h4>
                                                <div id="content714" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.2.5.v20130503
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar', 'b5be50518c251d4c022959aeb6f871d6fea33fcc', 'cpe', 'cpe:/a:eclipse:birt:1.2.5.v20130503')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oda.xml/1.2.5.v201305031101/org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oda.xml:1.2.5.v201305031101</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header715" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content715" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.oda.xml-1.2.5.v201305031101.jar', 'b5be50518c251d4c022959aeb6f871d6fea33fcc', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs267"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l327_af90f9d09101fb165a260896477c01385b6c8fd1"></a>org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.oracle.dbdefinition\1.0.103.v201206010214\af90f9d09101fb165a260896477c01385b6c8fd1\org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar<br/>
                            <b>MD5:</b>&nbsp;f7cd9df4d5a76c851f3097996214862b<br/>
                            <b>SHA1:</b>&nbsp;af90f9d09101fb165a260896477c01385b6c8fd1
                                                                                </p>
                                                <h4 id="header716" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content716" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.oracle.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.103.v201206010214</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.103.v20120601</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.oracle.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.103.v201206010214</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.oracle.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.oracle.dbdefinition_1.0.103.v201206010214.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.103.v201206010214</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header717" class="subsectionheader white">Identifiers</h4>
                                                <div id="content717" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.103.v20120601
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar', 'af90f9d09101fb165a260896477c01385b6c8fd1', 'cpe', 'cpe:/a:eclipse:birt:1.0.103.v20120601')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oracle.dbdefinition/1.0.103.v201206010214/org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oracle.dbdefinition:1.0.103.v201206010214</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header718" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content718" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.oracle.dbdefinition-1.0.103.v201206010214.jar', 'af90f9d09101fb165a260896477c01385b6c8fd1', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs268"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l328_5628f462cfa241fff7b11f1df4c21802f174dd08"></a>org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.oracle\1.0.0.v201107221506\5628f462cfa241fff7b11f1df4c21802f174dd08\org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar<br/>
                            <b>MD5:</b>&nbsp;4be65c4c38bee9128501d3169da945b2<br/>
                            <b>SHA1:</b>&nbsp;5628f462cfa241fff7b11f1df4c21802f174dd08
                                                                                </p>
                                                <h4 id="header719" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content719" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.oracle</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.0.v201107221506</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.0.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.oracle;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.v201107221506</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.datatools.connectivity;bundle-version=&quot;[1.0.1,2.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.oracle</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.oracle_1.0.0.v201107221506.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.0.v201107221506</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header720" class="subsectionheader white">Identifiers</h4>
                                                <div id="content720" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar', '5628f462cfa241fff7b11f1df4c21802f174dd08', 'cpe', 'cpe:/a:eclipse:birt:1.0.0.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.oracle/1.0.0.v201107221506/org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.oracle:1.0.0.v201107221506</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header721" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content721" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.oracle-1.0.0.v201107221506.jar', '5628f462cfa241fff7b11f1df4c21802f174dd08', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs269"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l329_8021bc614192f060a880cc407aba8adcfea6fb7f"></a>org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.postgresql.dbdefinition\1.0.2.v201110070445\8021bc614192f060a880cc407aba8adcfea6fb7f\org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar<br/>
                            <b>MD5:</b>&nbsp;505940588e48631bd378b83030fa966e<br/>
                            <b>SHA1:</b>&nbsp;8021bc614192f060a880cc407aba8adcfea6fb7f
                                                                                </p>
                                                <h4 id="header722" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content722" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.postgresql.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2.v201110070445</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2.v20111007</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.postgresql.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.2.v201110070445</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.postgresql.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.postgresql.dbdefinition_1.0.2.v201110070445.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2.v201110070445</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header723" class="subsectionheader white">Identifiers</h4>
                                                <div id="content723" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:postgresql:postgresql:1.0.2.v20111007
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cpe', 'cpe:/a:postgresql:postgresql:1.0.2.v20111007')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.postgresql.dbdefinition/1.0.2.v201110070445/org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.postgresql.dbdefinition:1.0.2.v201110070445</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header724" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content724" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0773">CVE-2016-0773</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2016-0773')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/83184">83184</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1644/">http://www.postgresql.org/about/news/1644/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-1-20.html">http://www.postgresql.org/docs/current/static/release-9-1-20.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-2-15.html">http://www.postgresql.org/docs/current/static/release-9-2-15.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-3-11.html">http://www.postgresql.org/docs/current/static/release-9-3-11.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-4-6.html">http://www.postgresql.org/docs/current/static/release-9-4-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-5-1.html">http://www.postgresql.org/docs/current/static/release-9-5-1.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10152">https://kc.mcafee.com/corporate/index?page=content&id=SB10152</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3475">DSA-3475</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3476">DSA-3476</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html">FEDORA-2016-b0c2412ab2</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html">FEDORA-2016-e0a6c9ebc4</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-1060.html">RHSA-2016:1060</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1035005">1035005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html">SUSE-SU-2016:0539</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html">SUSE-SU-2016:0555</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html">openSUSE-SU-2016:0531</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html">openSUSE-SU-2016:0578</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2894-1">USN-2894-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs270', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs270"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                    <li class="vs270">...</li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.14">cpe:/a:postgresql:postgresql:9.2.14</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4">cpe:/a:postgresql:postgresql:9.4</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.5">cpe:/a:postgresql:postgresql:9.4.5</a> </li>
                                                                    <li class="vs270 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.5">cpe:/a:postgresql:postgresql:9.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0766">CVE-2016-0766</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2016-0766')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/83184">83184</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1644/">http://www.postgresql.org/about/news/1644/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-1-20.html">http://www.postgresql.org/docs/current/static/release-9-1-20.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-2-15.html">http://www.postgresql.org/docs/current/static/release-9-2-15.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-3-11.html">http://www.postgresql.org/docs/current/static/release-9-3-11.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-4-6.html">http://www.postgresql.org/docs/current/static/release-9-4-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-5-1.html">http://www.postgresql.org/docs/current/static/release-9-5-1.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3475">DSA-3475</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3476">DSA-3476</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1035005">1035005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html">SUSE-SU-2016:0539</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html">SUSE-SU-2016:0555</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html">openSUSE-SU-2016:0531</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html">openSUSE-SU-2016:0578</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2894-1">USN-2894-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs271', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs271"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                    <li class="vs271">...</li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.14">cpe:/a:postgresql:postgresql:9.2.14</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4">cpe:/a:postgresql:postgresql:9.4</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.5">cpe:/a:postgresql:postgresql:9.4.5</a> </li>
                                                                    <li class="vs271 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.5">cpe:/a:postgresql:postgresql:9.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5289">CVE-2015-5289</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2015-5289')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77048">77048</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=08fa47c4850cea32c3116665975bca219fbf2fe6">http://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=08fa47c4850cea32c3116665975bca219fbf2fe6</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1615/">http://www.postgresql.org/about/news/1615/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.3/static/release-9-3-10.html">http://www.postgresql.org/docs/9.3/static/release-9-3-10.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.4/static/release-9-4-5.html">http://www.postgresql.org/docs/9.4/static/release-9-4-5.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3374">DSA-3374</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html">FEDORA-2015-6d2a957a87</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169094.html">FEDORA-2015-7</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033775">1033775</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-11/msg00033.html">openSUSE-SU-2015:1907</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2772-1">USN-2772-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs272', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs272"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                    <li class="vs272">...</li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.12">cpe:/a:postgresql:postgresql:9.1.12</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.13">cpe:/a:postgresql:postgresql:9.1.13</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.14">cpe:/a:postgresql:postgresql:9.1.14</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.15">cpe:/a:postgresql:postgresql:9.1.15</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.16">cpe:/a:postgresql:postgresql:9.1.16</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.17">cpe:/a:postgresql:postgresql:9.1.17</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.18">cpe:/a:postgresql:postgresql:9.1.18</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.3">cpe:/a:postgresql:postgresql:9.3.3</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.4">cpe:/a:postgresql:postgresql:9.3.4</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.5">cpe:/a:postgresql:postgresql:9.3.5</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.6">cpe:/a:postgresql:postgresql:9.3.6</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.7">cpe:/a:postgresql:postgresql:9.3.7</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.8">cpe:/a:postgresql:postgresql:9.3.8</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.9">cpe:/a:postgresql:postgresql:9.3.9</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.0">cpe:/a:postgresql:postgresql:9.4.0</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs272 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5288">CVE-2015-5288</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2015-5288')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a &quot;too-short&quot; salt.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77049">77049</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1615/">http://www.postgresql.org/about/news/1615/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.0/static/release-9-0-23.html">http://www.postgresql.org/docs/9.0/static/release-9-0-23.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.1/static/release-9-1-19.html">http://www.postgresql.org/docs/9.1/static/release-9-1-19.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.2/static/release-9-2-14.html">http://www.postgresql.org/docs/9.2/static/release-9-2-14.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.3/static/release-9-3-10.html">http://www.postgresql.org/docs/9.3/static/release-9-3-10.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.4/static/release-9-4-5.html">http://www.postgresql.org/docs/9.4/static/release-9-4-5.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3374">DSA-3374</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3475">DSA-3475</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html">FEDORA-2015-6d2a957a87</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169094.html">FEDORA-2015-7</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033775">1033775</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-11/msg00033.html">openSUSE-SU-2015:1907</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-11/msg00040.html">openSUSE-SU-2015:1919</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2772-1">USN-2772-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs273', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs273"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                    <li class="vs273">...</li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.12">cpe:/a:postgresql:postgresql:9.1.12</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.13">cpe:/a:postgresql:postgresql:9.1.13</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.14">cpe:/a:postgresql:postgresql:9.1.14</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.15">cpe:/a:postgresql:postgresql:9.1.15</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.16">cpe:/a:postgresql:postgresql:9.1.16</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.17">cpe:/a:postgresql:postgresql:9.1.17</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.18">cpe:/a:postgresql:postgresql:9.1.18</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.3">cpe:/a:postgresql:postgresql:9.3.3</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.4">cpe:/a:postgresql:postgresql:9.3.4</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.5">cpe:/a:postgresql:postgresql:9.3.5</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.6">cpe:/a:postgresql:postgresql:9.3.6</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.7">cpe:/a:postgresql:postgresql:9.3.7</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.8">cpe:/a:postgresql:postgresql:9.3.8</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.9">cpe:/a:postgresql:postgresql:9.3.9</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.0">cpe:/a:postgresql:postgresql:9.4.0</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs273 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3165">CVE-2015-3165</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2015-3165')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html">APPLE-SA-2015-09-16-4</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/74787">74787</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1587/">http://www.postgresql.org/about/news/1587/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.0/static/release-9-0-20.html">http://www.postgresql.org/docs/9.0/static/release-9-0-20.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.1/static/release-9-1-16.html">http://www.postgresql.org/docs/9.1/static/release-9-1-16.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.2/static/release-9-2-11.html">http://www.postgresql.org/docs/9.2/static/release-9-2-11.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.3/static/release-9-3-7.html">http://www.postgresql.org/docs/9.3/static/release-9-3-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.4/static/release-9-4-2.html">http://www.postgresql.org/docs/9.4/static/release-9-4-2.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/HT205219">https://support.apple.com/HT205219</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3269">DSA-3269</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3270">DSA-3270</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2621-1">USN-2621-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs274', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs274"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.19">cpe:/a:postgresql:postgresql:9.0.19</a>  and all previous versions</li>
                                    <li class="vs274">...</li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.19">cpe:/a:postgresql:postgresql:9.0.19</a>  and all previous versions</li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.12">cpe:/a:postgresql:postgresql:9.1.12</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.13">cpe:/a:postgresql:postgresql:9.1.13</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.14">cpe:/a:postgresql:postgresql:9.1.14</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.15">cpe:/a:postgresql:postgresql:9.1.15</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.3">cpe:/a:postgresql:postgresql:9.3.3</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.4">cpe:/a:postgresql:postgresql:9.3.4</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.5">cpe:/a:postgresql:postgresql:9.3.5</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.6">cpe:/a:postgresql:postgresql:9.3.6</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.0">cpe:/a:postgresql:postgresql:9.4.0</a> </li>
                                                                    <li class="vs274 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0067">CVE-2014-0067</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0067')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The &quot;make check&quot; command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html">APPLE-SA-2015-08-13-2</a></li>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html">APPLE-SA-2015-09-16-4</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65721">65721</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/HT205219">https://support.apple.com/HT205219</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT205031">https://support.apple.com/kb/HT205031</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs275', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs275"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs275">...</li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs275 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0066">CVE-2014-0066</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0066')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs276', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs276"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs276">...</li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs276 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0065">CVE-2014-0065</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0065')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65731">65731</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs277', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs277"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs277">...</li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs277 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0064">CVE-2014-0064</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0064')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow.  NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65725">65725</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/support/security/">http://www.postgresql.org/support/security/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1065230">https://bugzilla.redhat.com/show_bug.cgi?id=1065230</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a">https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs278', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs278"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs278">...</li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs278 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0063">CVE-2014-0063</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0063')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65719">65719</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/support/security/">http://www.postgresql.org/support/security/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1065226">https://bugzilla.redhat.com/show_bug.cgi?id=1065226</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b">https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs279', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs279"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs279">...</li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs279 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062">CVE-2014-0062</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0062')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
                            </p>
                            <p>Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs280', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs280"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs280">...</li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs280 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0061">CVE-2014-0061</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0061')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs281', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs281"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs281">...</li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs281 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0060">CVE-2014-0060</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2014-0060')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs282', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs282"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs282">...</li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs282 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0733">CVE-2010-0733</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2010-0733')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/38619">38619</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://git.postgresql.org/gitweb?p=postgresql.git;a=commit;h=64b057e6823655fb6c5d1f24a28f236b94dd6c54">http://git.postgresql.org/gitweb?p=postgresql.git;a=commit;h=64b057e6823655fb6c5d1f24a28f236b94dd6c54</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=546621">https://bugzilla.redhat.com/show_bug.cgi?id=546621</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/03/09/2">[oss-security] 20100309 CVE Request: postgresql integer overflow in hash table size calculation</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/03/16/10">[oss-security] 20100316 Re: CVE Request: postgresql integer overflow in hash table size calculation</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php">[pgsql-bugs] 20091028 BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php">[pgsql-bugs] 20091029 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php">[pgsql-bugs] 20091029 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php">[pgsql-bugs] 20091030 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0427.html">RHSA-2010:0427</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0428.html">RHSA-2010:0428</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0429.html">RHSA-2010:0429</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html">SUSE-SR:2010:014</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1197">ADV-2010-1197</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs283', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs283"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a>  and all previous versions</li>
                                    <li class="vs283">...</li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0">cpe:/a:postgresql:postgresql:8.0</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.0">cpe:/a:postgresql:postgresql:8.0.0</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.1">cpe:/a:postgresql:postgresql:8.0.1</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.2">cpe:/a:postgresql:postgresql:8.0.2</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.3">cpe:/a:postgresql:postgresql:8.0.3</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.4">cpe:/a:postgresql:postgresql:8.0.4</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.5">cpe:/a:postgresql:postgresql:8.0.5</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.6">cpe:/a:postgresql:postgresql:8.0.6</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.7">cpe:/a:postgresql:postgresql:8.0.7</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.8">cpe:/a:postgresql:postgresql:8.0.8</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.9">cpe:/a:postgresql:postgresql:8.0.9</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.10">cpe:/a:postgresql:postgresql:8.0.10</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.11">cpe:/a:postgresql:postgresql:8.0.11</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.12">cpe:/a:postgresql:postgresql:8.0.12</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.13">cpe:/a:postgresql:postgresql:8.0.13</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.14">cpe:/a:postgresql:postgresql:8.0.14</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.15">cpe:/a:postgresql:postgresql:8.0.15</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.16">cpe:/a:postgresql:postgresql:8.0.16</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.17">cpe:/a:postgresql:postgresql:8.0.17</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.18">cpe:/a:postgresql:postgresql:8.0.18</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.19">cpe:/a:postgresql:postgresql:8.0.19</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.20">cpe:/a:postgresql:postgresql:8.0.20</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.21">cpe:/a:postgresql:postgresql:8.0.21</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.22">cpe:/a:postgresql:postgresql:8.0.22</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.23">cpe:/a:postgresql:postgresql:8.0.23</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.317">cpe:/a:postgresql:postgresql:8.0.317</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1">cpe:/a:postgresql:postgresql:8.1</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.0">cpe:/a:postgresql:postgresql:8.1.0</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.1">cpe:/a:postgresql:postgresql:8.1.1</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.2">cpe:/a:postgresql:postgresql:8.1.2</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.3">cpe:/a:postgresql:postgresql:8.1.3</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.4">cpe:/a:postgresql:postgresql:8.1.4</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.5">cpe:/a:postgresql:postgresql:8.1.5</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.6">cpe:/a:postgresql:postgresql:8.1.6</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.7">cpe:/a:postgresql:postgresql:8.1.7</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.8">cpe:/a:postgresql:postgresql:8.1.8</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.9">cpe:/a:postgresql:postgresql:8.1.9</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.10">cpe:/a:postgresql:postgresql:8.1.10</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.11">cpe:/a:postgresql:postgresql:8.1.11</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.12">cpe:/a:postgresql:postgresql:8.1.12</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.13">cpe:/a:postgresql:postgresql:8.1.13</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.14">cpe:/a:postgresql:postgresql:8.1.14</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.15">cpe:/a:postgresql:postgresql:8.1.15</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.16">cpe:/a:postgresql:postgresql:8.1.16</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.17">cpe:/a:postgresql:postgresql:8.1.17</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.18">cpe:/a:postgresql:postgresql:8.1.18</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.19">cpe:/a:postgresql:postgresql:8.1.19</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.20">cpe:/a:postgresql:postgresql:8.1.20</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2">cpe:/a:postgresql:postgresql:8.2</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.1">cpe:/a:postgresql:postgresql:8.2.1</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.2">cpe:/a:postgresql:postgresql:8.2.2</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.3">cpe:/a:postgresql:postgresql:8.2.3</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.4">cpe:/a:postgresql:postgresql:8.2.4</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.5">cpe:/a:postgresql:postgresql:8.2.5</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.6">cpe:/a:postgresql:postgresql:8.2.6</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.7">cpe:/a:postgresql:postgresql:8.2.7</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.8">cpe:/a:postgresql:postgresql:8.2.8</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.9">cpe:/a:postgresql:postgresql:8.2.9</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.10">cpe:/a:postgresql:postgresql:8.2.10</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.11">cpe:/a:postgresql:postgresql:8.2.11</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.12">cpe:/a:postgresql:postgresql:8.2.12</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.13">cpe:/a:postgresql:postgresql:8.2.13</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.14">cpe:/a:postgresql:postgresql:8.2.14</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.15">cpe:/a:postgresql:postgresql:8.2.15</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.16">cpe:/a:postgresql:postgresql:8.2.16</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3">cpe:/a:postgresql:postgresql:8.3</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.1">cpe:/a:postgresql:postgresql:8.3.1</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.2">cpe:/a:postgresql:postgresql:8.3.2</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.3">cpe:/a:postgresql:postgresql:8.3.3</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.4">cpe:/a:postgresql:postgresql:8.3.4</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.5">cpe:/a:postgresql:postgresql:8.3.5</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.6">cpe:/a:postgresql:postgresql:8.3.6</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.7">cpe:/a:postgresql:postgresql:8.3.7</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.8">cpe:/a:postgresql:postgresql:8.3.8</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.9">cpe:/a:postgresql:postgresql:8.3.9</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.10">cpe:/a:postgresql:postgresql:8.3.10</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4">cpe:/a:postgresql:postgresql:8.4</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a>  and all previous versions</li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.5">cpe:/a:postgresql:postgresql:8.5</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.5%3Aalpha1">cpe:/a:postgresql:postgresql:8.5:alpha1</a> </li>
                                                                    <li class="vs283 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.5%3Aalpha2">cpe:/a:postgresql:postgresql:8.5:alpha2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4772">CVE-2007-4772</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2007-4772')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27163">27163</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485864/100/0/threaded">20080107 PostgreSQL 2007-01-07 Cumulative Security Release</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/486407/100/0/threaded">20080115 rPSA-2008-0016-1 postgresql postgresql-server</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded">20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://sourceforge.net/project/shownotes.php?release_id=565440&amp;group_id=10894">http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://sourceforge.net/tracker/index.php?func=detail&amp;aid=1810264&amp;group_id=10894&amp;atid=110894">http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news.905">http://www.postgresql.org/about/news.905</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2008-0009.html">http://www.vmware.com/security/advisories/VMSA-2008-0009.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1768">https://issues.rpath.com/browse/RPL-1768</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1460">DSA-1460</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1463">DSA-1463</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html">FEDORA-2008-0478</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html">FEDORA-2008-0552</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200801-15.xml">GLSA-200801-15</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154">HPSBTU02325</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:004">MDVSA-2008:004</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:059">MDVSA-2008:059</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0038.html">RHSA-2008:0038</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0040.html">RHSA-2008:0040</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0134.html">RHSA-2008:0134</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0122.html">RHSA-2013:0122</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1019157">1019157</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1">103197</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1">200559</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html">SUSE-SA:2008:005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html">SUSE-SU-2016:0539</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html">SUSE-SU-2016:0555</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html">openSUSE-SU-2016:0531</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html">openSUSE-SU-2016:0578</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-568-1">USN-568-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0061">ADV-2008-0061</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0109">ADV-2008-0109</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1071/references">ADV-2008-1071</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1744">ADV-2008-1744</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39497">postgresql-regular-expression-dos(39497)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs284', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs284"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.18">cpe:/a:postgresql:postgresql:7.4.18</a>  and all previous versions</li>
                                    <li class="vs284">...</li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4">cpe:/a:postgresql:postgresql:7.4</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.1">cpe:/a:postgresql:postgresql:7.4.1</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.2">cpe:/a:postgresql:postgresql:7.4.2</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.3">cpe:/a:postgresql:postgresql:7.4.3</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.4">cpe:/a:postgresql:postgresql:7.4.4</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.5">cpe:/a:postgresql:postgresql:7.4.5</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.6">cpe:/a:postgresql:postgresql:7.4.6</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.7">cpe:/a:postgresql:postgresql:7.4.7</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.8">cpe:/a:postgresql:postgresql:7.4.8</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.9">cpe:/a:postgresql:postgresql:7.4.9</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.10">cpe:/a:postgresql:postgresql:7.4.10</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.11">cpe:/a:postgresql:postgresql:7.4.11</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.12">cpe:/a:postgresql:postgresql:7.4.12</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.13">cpe:/a:postgresql:postgresql:7.4.13</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.14">cpe:/a:postgresql:postgresql:7.4.14</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.16">cpe:/a:postgresql:postgresql:7.4.16</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.17">cpe:/a:postgresql:postgresql:7.4.17</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.18">cpe:/a:postgresql:postgresql:7.4.18</a>  and all previous versions</li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0">cpe:/a:postgresql:postgresql:8.0</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.1">cpe:/a:postgresql:postgresql:8.0.1</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.2">cpe:/a:postgresql:postgresql:8.0.2</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.3">cpe:/a:postgresql:postgresql:8.0.3</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.4">cpe:/a:postgresql:postgresql:8.0.4</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.5">cpe:/a:postgresql:postgresql:8.0.5</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.7">cpe:/a:postgresql:postgresql:8.0.7</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.8">cpe:/a:postgresql:postgresql:8.0.8</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.9">cpe:/a:postgresql:postgresql:8.0.9</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.11">cpe:/a:postgresql:postgresql:8.0.11</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.13">cpe:/a:postgresql:postgresql:8.0.13</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.14">cpe:/a:postgresql:postgresql:8.0.14</a>  and all previous versions</li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.317">cpe:/a:postgresql:postgresql:8.0.317</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.1">cpe:/a:postgresql:postgresql:8.1.1</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.3">cpe:/a:postgresql:postgresql:8.1.3</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.4">cpe:/a:postgresql:postgresql:8.1.4</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.5">cpe:/a:postgresql:postgresql:8.1.5</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.7">cpe:/a:postgresql:postgresql:8.1.7</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.8">cpe:/a:postgresql:postgresql:8.1.8</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.9">cpe:/a:postgresql:postgresql:8.1.9</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.10">cpe:/a:postgresql:postgresql:8.1.10</a>  and all previous versions</li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2">cpe:/a:postgresql:postgresql:8.2</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.2">cpe:/a:postgresql:postgresql:8.2.2</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.3">cpe:/a:postgresql:postgresql:8.2.3</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.4">cpe:/a:postgresql:postgresql:8.2.4</a> </li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.5">cpe:/a:postgresql:postgresql:8.2.5</a>  and all previous versions</li>
                                                                    <li class="vs284 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Atcl_tk%3Atcl_tk%3A8.4.16">cpe:/a:tcl_tk:tcl_tk:8.4.16</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2138">CVE-2007-2138</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql.dbdefinition-1.0.2.v201110070445.jar', '8021bc614192f060a880cc407aba8adcfea6fb7f', 'cve', 'CVE-2007-2138')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
                            </p>
                            <p>Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to &quot;search_path settings.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/23618">23618</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news.791">http://www.postgresql.org/about/news.791</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/support/security.html">http://www.postgresql.org/support/security.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1292">https://issues.rpath.com/browse/RPL-1292</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1309">DSA-1309</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1311">DSA-1311</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-12.xml">GLSA-200705-12</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:094">MDKSA-2007:094</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2007-0336.html">RHSA-2007:0336</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0337.html">RHSA-2007:0337</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1017974">1017974</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1">102894</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2007/0015/">2007-0015</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-454-1">USN-454-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1497">ADV-2007-1497</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1549">ADV-2007-1549</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/33842">postgresql-searchpath-privilege-escalation(33842)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs285', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs285"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.16">cpe:/a:postgresql:postgresql:7.4.16</a>  and all previous versions</li>
                                    <li class="vs285">...</li>
                                                                    <li class="vs285 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.3.18">cpe:/a:postgresql:postgresql:7.3.18</a>  and all previous versions</li>
                                                                    <li class="vs285 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.16">cpe:/a:postgresql:postgresql:7.4.16</a>  and all previous versions</li>
                                                                    <li class="vs285 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.10">cpe:/a:postgresql:postgresql:8.0.10</a>  and all previous versions</li>
                                                                    <li class="vs285 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.6">cpe:/a:postgresql:postgresql:8.1.6</a>  and all previous versions</li>
                                                                    <li class="vs285 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.1">cpe:/a:postgresql:postgresql:8.2.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l330_ddd733b059a41aa86aceed5344d1b4799802f5c0"></a>org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.enablement.postgresql\1.1.1.v201205252207\ddd733b059a41aa86aceed5344d1b4799802f5c0\org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar<br/>
                            <b>MD5:</b>&nbsp;0e1243739661726d3a98234922777ee9<br/>
                            <b>SHA1:</b>&nbsp;ddd733b059a41aa86aceed5344d1b4799802f5c0
                                                                                </p>
                                                <h4 id="header725" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content725" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.enablement.postgresql</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.1.v201205252207</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.1.v20120525</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>enablement</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>postgresql</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.enablement.postgresql;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.1.v201205252207</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.connectivity;bundle-version=&quot;[0.9.1,1.5.0)&quot;,org.eclipse.datatools.connectivity.db.generic;bundle-version=&quot;[0.9.1,1.5.0)&quot;,org.eclipse.datatools.connectivity.sqm.core;bundle-version=&quot;[0.9.1,1.5.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.enablement.postgresql</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.enablement.postgresql_1.1.1.v201205252207.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.1.v201205252207</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header726" class="subsectionheader white">Identifiers</h4>
                                                <div id="content726" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:postgresql:postgresql:1.1.1.v20120525
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cpe', 'cpe:/a:postgresql:postgresql:1.1.1.v20120525')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.enablement.postgresql/1.1.1.v201205252207/org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.enablement.postgresql:1.1.1.v201205252207</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header727" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content727" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0773">CVE-2016-0773</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2016-0773')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/83184">83184</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1644/">http://www.postgresql.org/about/news/1644/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-1-20.html">http://www.postgresql.org/docs/current/static/release-9-1-20.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-2-15.html">http://www.postgresql.org/docs/current/static/release-9-2-15.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-3-11.html">http://www.postgresql.org/docs/current/static/release-9-3-11.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-4-6.html">http://www.postgresql.org/docs/current/static/release-9-4-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-5-1.html">http://www.postgresql.org/docs/current/static/release-9-5-1.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10152">https://kc.mcafee.com/corporate/index?page=content&id=SB10152</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3475">DSA-3475</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3476">DSA-3476</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html">FEDORA-2016-b0c2412ab2</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html">FEDORA-2016-e0a6c9ebc4</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2016-1060.html">RHSA-2016:1060</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1035005">1035005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html">SUSE-SU-2016:0539</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html">SUSE-SU-2016:0555</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html">openSUSE-SU-2016:0531</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html">openSUSE-SU-2016:0578</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2894-1">USN-2894-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs286', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs286"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                    <li class="vs286">...</li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.14">cpe:/a:postgresql:postgresql:9.2.14</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4">cpe:/a:postgresql:postgresql:9.4</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.5">cpe:/a:postgresql:postgresql:9.4.5</a> </li>
                                                                    <li class="vs286 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.5">cpe:/a:postgresql:postgresql:9.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0766">CVE-2016-0766</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2016-0766')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/83184">83184</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1644/">http://www.postgresql.org/about/news/1644/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-1-20.html">http://www.postgresql.org/docs/current/static/release-9-1-20.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-2-15.html">http://www.postgresql.org/docs/current/static/release-9-2-15.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-3-11.html">http://www.postgresql.org/docs/current/static/release-9-3-11.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-4-6.html">http://www.postgresql.org/docs/current/static/release-9-4-6.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/current/static/release-9-5-1.html">http://www.postgresql.org/docs/current/static/release-9-5-1.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3475">DSA-3475</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3476">DSA-3476</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1035005">1035005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html">SUSE-SU-2016:0539</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html">SUSE-SU-2016:0555</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html">openSUSE-SU-2016:0531</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html">openSUSE-SU-2016:0578</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2894-1">USN-2894-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs287', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs287"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                    <li class="vs287">...</li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.19">cpe:/a:postgresql:postgresql:9.1.19</a>  and all previous versions</li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.14">cpe:/a:postgresql:postgresql:9.2.14</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4">cpe:/a:postgresql:postgresql:9.4</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.5">cpe:/a:postgresql:postgresql:9.4.5</a> </li>
                                                                    <li class="vs287 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.5">cpe:/a:postgresql:postgresql:9.5</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5289">CVE-2015-5289</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2015-5289')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77048">77048</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=08fa47c4850cea32c3116665975bca219fbf2fe6">http://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=08fa47c4850cea32c3116665975bca219fbf2fe6</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1615/">http://www.postgresql.org/about/news/1615/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.3/static/release-9-3-10.html">http://www.postgresql.org/docs/9.3/static/release-9-3-10.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.4/static/release-9-4-5.html">http://www.postgresql.org/docs/9.4/static/release-9-4-5.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3374">DSA-3374</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html">FEDORA-2015-6d2a957a87</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169094.html">FEDORA-2015-7</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033775">1033775</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-11/msg00033.html">openSUSE-SU-2015:1907</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2772-1">USN-2772-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs288', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs288"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                    <li class="vs288">...</li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.12">cpe:/a:postgresql:postgresql:9.1.12</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.13">cpe:/a:postgresql:postgresql:9.1.13</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.14">cpe:/a:postgresql:postgresql:9.1.14</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.15">cpe:/a:postgresql:postgresql:9.1.15</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.16">cpe:/a:postgresql:postgresql:9.1.16</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.17">cpe:/a:postgresql:postgresql:9.1.17</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.18">cpe:/a:postgresql:postgresql:9.1.18</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.3">cpe:/a:postgresql:postgresql:9.3.3</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.4">cpe:/a:postgresql:postgresql:9.3.4</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.5">cpe:/a:postgresql:postgresql:9.3.5</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.6">cpe:/a:postgresql:postgresql:9.3.6</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.7">cpe:/a:postgresql:postgresql:9.3.7</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.8">cpe:/a:postgresql:postgresql:9.3.8</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.9">cpe:/a:postgresql:postgresql:9.3.9</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.0">cpe:/a:postgresql:postgresql:9.4.0</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs288 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5288">CVE-2015-5288</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2015-5288')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
                                                            <br/>CWE: CWE-200 Information Exposure
                            </p>
                            <p>The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a &quot;too-short&quot; salt.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77049">77049</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1615/">http://www.postgresql.org/about/news/1615/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.0/static/release-9-0-23.html">http://www.postgresql.org/docs/9.0/static/release-9-0-23.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.1/static/release-9-1-19.html">http://www.postgresql.org/docs/9.1/static/release-9-1-19.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.2/static/release-9-2-14.html">http://www.postgresql.org/docs/9.2/static/release-9-2-14.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.3/static/release-9-3-10.html">http://www.postgresql.org/docs/9.3/static/release-9-3-10.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.4/static/release-9-4-5.html">http://www.postgresql.org/docs/9.4/static/release-9-4-5.html</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3374">DSA-3374</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2016/dsa-3475">DSA-3475</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html">FEDORA-2015-6d2a957a87</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169094.html">FEDORA-2015-7</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033775">1033775</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-11/msg00033.html">openSUSE-SU-2015:1907</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-updates/2015-11/msg00040.html">openSUSE-SU-2015:1919</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2772-1">USN-2772-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs289', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs289"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                    <li class="vs289">...</li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.22">cpe:/a:postgresql:postgresql:9.0.22</a>  and all previous versions</li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.12">cpe:/a:postgresql:postgresql:9.1.12</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.13">cpe:/a:postgresql:postgresql:9.1.13</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.14">cpe:/a:postgresql:postgresql:9.1.14</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.15">cpe:/a:postgresql:postgresql:9.1.15</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.16">cpe:/a:postgresql:postgresql:9.1.16</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.17">cpe:/a:postgresql:postgresql:9.1.17</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.18">cpe:/a:postgresql:postgresql:9.1.18</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.11">cpe:/a:postgresql:postgresql:9.2.11</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.12">cpe:/a:postgresql:postgresql:9.2.12</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.13">cpe:/a:postgresql:postgresql:9.2.13</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.3">cpe:/a:postgresql:postgresql:9.3.3</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.4">cpe:/a:postgresql:postgresql:9.3.4</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.5">cpe:/a:postgresql:postgresql:9.3.5</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.6">cpe:/a:postgresql:postgresql:9.3.6</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.7">cpe:/a:postgresql:postgresql:9.3.7</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.8">cpe:/a:postgresql:postgresql:9.3.8</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.9">cpe:/a:postgresql:postgresql:9.3.9</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.0">cpe:/a:postgresql:postgresql:9.4.0</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.2">cpe:/a:postgresql:postgresql:9.4.2</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.3">cpe:/a:postgresql:postgresql:9.4.3</a> </li>
                                                                    <li class="vs289 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.4">cpe:/a:postgresql:postgresql:9.4.4</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3165">CVE-2015-3165</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2015-3165')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html">APPLE-SA-2015-09-16-4</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/74787">74787</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1587/">http://www.postgresql.org/about/news/1587/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.0/static/release-9-0-20.html">http://www.postgresql.org/docs/9.0/static/release-9-0-20.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.1/static/release-9-1-16.html">http://www.postgresql.org/docs/9.1/static/release-9-1-16.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.2/static/release-9-2-11.html">http://www.postgresql.org/docs/9.2/static/release-9-2-11.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.3/static/release-9-3-7.html">http://www.postgresql.org/docs/9.3/static/release-9-3-7.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/docs/9.4/static/release-9-4-2.html">http://www.postgresql.org/docs/9.4/static/release-9-4-2.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/HT205219">https://support.apple.com/HT205219</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3269">DSA-3269</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2015/dsa-3270">DSA-3270</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-2621-1">USN-2621-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs290', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs290"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.19">cpe:/a:postgresql:postgresql:9.0.19</a>  and all previous versions</li>
                                    <li class="vs290">...</li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.19">cpe:/a:postgresql:postgresql:9.0.19</a>  and all previous versions</li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.12">cpe:/a:postgresql:postgresql:9.1.12</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.13">cpe:/a:postgresql:postgresql:9.1.13</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.14">cpe:/a:postgresql:postgresql:9.1.14</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.15">cpe:/a:postgresql:postgresql:9.1.15</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.7">cpe:/a:postgresql:postgresql:9.2.7</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.8">cpe:/a:postgresql:postgresql:9.2.8</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.9">cpe:/a:postgresql:postgresql:9.2.9</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.10">cpe:/a:postgresql:postgresql:9.2.10</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.3">cpe:/a:postgresql:postgresql:9.3.3</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.4">cpe:/a:postgresql:postgresql:9.3.4</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.5">cpe:/a:postgresql:postgresql:9.3.5</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.6">cpe:/a:postgresql:postgresql:9.3.6</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.0">cpe:/a:postgresql:postgresql:9.4.0</a> </li>
                                                                    <li class="vs290 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.4.1">cpe:/a:postgresql:postgresql:9.4.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0067">CVE-2014-0067</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0067')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The &quot;make check&quot; command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html">APPLE-SA-2015-08-13-2</a></li>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html">APPLE-SA-2015-09-16-4</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65721">65721</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/HT205219">https://support.apple.com/HT205219</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT205031">https://support.apple.com/kb/HT205031</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs291', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs291"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs291">...</li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs291 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0066">CVE-2014-0066</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0066')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-20 Improper Input Validation
                            </p>
                            <p>The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs292', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs292"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs292">...</li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs292 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0065">CVE-2014-0065</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0065')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65731">65731</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs293', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs293"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs293">...</li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs293 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0064">CVE-2014-0064</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0064')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow.  NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65725">65725</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/support/security/">http://www.postgresql.org/support/security/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1065230">https://bugzilla.redhat.com/show_bug.cgi?id=1065230</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a">https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs294', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs294"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs294">...</li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs294 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0063">CVE-2014-0063</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0063')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/65719">65719</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/support/security/">http://www.postgresql.org/support/security/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=1065226">https://bugzilla.redhat.com/show_bug.cgi?id=1065226</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b">https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs295', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs295"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs295">...</li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs295 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062">CVE-2014-0062</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0062')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
                            </p>
                            <p>Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs296', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs296"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs296">...</li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs296 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0061">CVE-2014-0061</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0061')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs297', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs297"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs297">...</li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs297 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0060">CVE-2014-0060</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2014-0060')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html">APPLE-SA-2014-10-16-3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT6448">http://support.apple.com/kb/HT6448</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://wiki.postgresql.org/wiki/20140220securityrelease">http://wiki.postgresql.org/wiki/20140220securityrelease</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news/1506/">http://www.postgresql.org/about/news/1506/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://support.apple.com/kb/HT6536">https://support.apple.com/kb/HT6536</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2864">DSA-2864</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2865">DSA-2865</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0469.html">RHSA-2014:0469</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/61307">61307</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs298', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs298"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                    <li class="vs298">...</li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.2">cpe:/a:postgresql:postgresql:8.4.2</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.3">cpe:/a:postgresql:postgresql:8.4.3</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.4">cpe:/a:postgresql:postgresql:8.4.4</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.5">cpe:/a:postgresql:postgresql:8.4.5</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.6">cpe:/a:postgresql:postgresql:8.4.6</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.7">cpe:/a:postgresql:postgresql:8.4.7</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.8">cpe:/a:postgresql:postgresql:8.4.8</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.9">cpe:/a:postgresql:postgresql:8.4.9</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.10">cpe:/a:postgresql:postgresql:8.4.10</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.11">cpe:/a:postgresql:postgresql:8.4.11</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.12">cpe:/a:postgresql:postgresql:8.4.12</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.13">cpe:/a:postgresql:postgresql:8.4.13</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.14">cpe:/a:postgresql:postgresql:8.4.14</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.15">cpe:/a:postgresql:postgresql:8.4.15</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.16">cpe:/a:postgresql:postgresql:8.4.16</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.17">cpe:/a:postgresql:postgresql:8.4.17</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.18">cpe:/a:postgresql:postgresql:8.4.18</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.19">cpe:/a:postgresql:postgresql:8.4.19</a>  and all previous versions</li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0">cpe:/a:postgresql:postgresql:9.0</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.1">cpe:/a:postgresql:postgresql:9.0.1</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.2">cpe:/a:postgresql:postgresql:9.0.2</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.3">cpe:/a:postgresql:postgresql:9.0.3</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.4">cpe:/a:postgresql:postgresql:9.0.4</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.5">cpe:/a:postgresql:postgresql:9.0.5</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.6">cpe:/a:postgresql:postgresql:9.0.6</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.7">cpe:/a:postgresql:postgresql:9.0.7</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.8">cpe:/a:postgresql:postgresql:9.0.8</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.9">cpe:/a:postgresql:postgresql:9.0.9</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.10">cpe:/a:postgresql:postgresql:9.0.10</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.11">cpe:/a:postgresql:postgresql:9.0.11</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.12">cpe:/a:postgresql:postgresql:9.0.12</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.13">cpe:/a:postgresql:postgresql:9.0.13</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.14">cpe:/a:postgresql:postgresql:9.0.14</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.0.15">cpe:/a:postgresql:postgresql:9.0.15</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1">cpe:/a:postgresql:postgresql:9.1</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.1">cpe:/a:postgresql:postgresql:9.1.1</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.2">cpe:/a:postgresql:postgresql:9.1.2</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.3">cpe:/a:postgresql:postgresql:9.1.3</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.4">cpe:/a:postgresql:postgresql:9.1.4</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.5">cpe:/a:postgresql:postgresql:9.1.5</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.6">cpe:/a:postgresql:postgresql:9.1.6</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.7">cpe:/a:postgresql:postgresql:9.1.7</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.8">cpe:/a:postgresql:postgresql:9.1.8</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.9">cpe:/a:postgresql:postgresql:9.1.9</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.10">cpe:/a:postgresql:postgresql:9.1.10</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.1.11">cpe:/a:postgresql:postgresql:9.1.11</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2">cpe:/a:postgresql:postgresql:9.2</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.1">cpe:/a:postgresql:postgresql:9.2.1</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.2">cpe:/a:postgresql:postgresql:9.2.2</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.3">cpe:/a:postgresql:postgresql:9.2.3</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.4">cpe:/a:postgresql:postgresql:9.2.4</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.5">cpe:/a:postgresql:postgresql:9.2.5</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.2.6">cpe:/a:postgresql:postgresql:9.2.6</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3">cpe:/a:postgresql:postgresql:9.3</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.1">cpe:/a:postgresql:postgresql:9.3.1</a> </li>
                                                                    <li class="vs298 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A9.3.2">cpe:/a:postgresql:postgresql:9.3.2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0733">CVE-2010-0733</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2010-0733')">suppress</button></p>
                            <p>Severity:
                                                            Low
                                                        <br/>CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/38619">38619</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://git.postgresql.org/gitweb?p=postgresql.git;a=commit;h=64b057e6823655fb6c5d1f24a28f236b94dd6c54">http://git.postgresql.org/gitweb?p=postgresql.git;a=commit;h=64b057e6823655fb6c5d1f24a28f236b94dd6c54</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=546621">https://bugzilla.redhat.com/show_bug.cgi?id=546621</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/03/09/2">[oss-security] 20100309 CVE Request: postgresql integer overflow in hash table size calculation</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2010/03/16/10">[oss-security] 20100316 Re: CVE Request: postgresql integer overflow in hash table size calculation</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php">[pgsql-bugs] 20091028 BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php">[pgsql-bugs] 20091029 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php">[pgsql-bugs] 20091029 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php">[pgsql-bugs] 20091030 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0427.html">RHSA-2010:0427</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0428.html">RHSA-2010:0428</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0429.html">RHSA-2010:0429</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html">SUSE-SR:2010:014</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/1197">ADV-2010-1197</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs299', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs299"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a>  and all previous versions</li>
                                    <li class="vs299">...</li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0">cpe:/a:postgresql:postgresql:8.0</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.0">cpe:/a:postgresql:postgresql:8.0.0</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.1">cpe:/a:postgresql:postgresql:8.0.1</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.2">cpe:/a:postgresql:postgresql:8.0.2</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.3">cpe:/a:postgresql:postgresql:8.0.3</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.4">cpe:/a:postgresql:postgresql:8.0.4</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.5">cpe:/a:postgresql:postgresql:8.0.5</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.6">cpe:/a:postgresql:postgresql:8.0.6</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.7">cpe:/a:postgresql:postgresql:8.0.7</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.8">cpe:/a:postgresql:postgresql:8.0.8</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.9">cpe:/a:postgresql:postgresql:8.0.9</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.10">cpe:/a:postgresql:postgresql:8.0.10</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.11">cpe:/a:postgresql:postgresql:8.0.11</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.12">cpe:/a:postgresql:postgresql:8.0.12</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.13">cpe:/a:postgresql:postgresql:8.0.13</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.14">cpe:/a:postgresql:postgresql:8.0.14</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.15">cpe:/a:postgresql:postgresql:8.0.15</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.16">cpe:/a:postgresql:postgresql:8.0.16</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.17">cpe:/a:postgresql:postgresql:8.0.17</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.18">cpe:/a:postgresql:postgresql:8.0.18</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.19">cpe:/a:postgresql:postgresql:8.0.19</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.20">cpe:/a:postgresql:postgresql:8.0.20</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.21">cpe:/a:postgresql:postgresql:8.0.21</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.22">cpe:/a:postgresql:postgresql:8.0.22</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.23">cpe:/a:postgresql:postgresql:8.0.23</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.317">cpe:/a:postgresql:postgresql:8.0.317</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1">cpe:/a:postgresql:postgresql:8.1</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.0">cpe:/a:postgresql:postgresql:8.1.0</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.1">cpe:/a:postgresql:postgresql:8.1.1</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.2">cpe:/a:postgresql:postgresql:8.1.2</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.3">cpe:/a:postgresql:postgresql:8.1.3</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.4">cpe:/a:postgresql:postgresql:8.1.4</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.5">cpe:/a:postgresql:postgresql:8.1.5</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.6">cpe:/a:postgresql:postgresql:8.1.6</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.7">cpe:/a:postgresql:postgresql:8.1.7</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.8">cpe:/a:postgresql:postgresql:8.1.8</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.9">cpe:/a:postgresql:postgresql:8.1.9</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.10">cpe:/a:postgresql:postgresql:8.1.10</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.11">cpe:/a:postgresql:postgresql:8.1.11</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.12">cpe:/a:postgresql:postgresql:8.1.12</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.13">cpe:/a:postgresql:postgresql:8.1.13</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.14">cpe:/a:postgresql:postgresql:8.1.14</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.15">cpe:/a:postgresql:postgresql:8.1.15</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.16">cpe:/a:postgresql:postgresql:8.1.16</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.17">cpe:/a:postgresql:postgresql:8.1.17</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.18">cpe:/a:postgresql:postgresql:8.1.18</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.19">cpe:/a:postgresql:postgresql:8.1.19</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.20">cpe:/a:postgresql:postgresql:8.1.20</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2">cpe:/a:postgresql:postgresql:8.2</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.1">cpe:/a:postgresql:postgresql:8.2.1</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.2">cpe:/a:postgresql:postgresql:8.2.2</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.3">cpe:/a:postgresql:postgresql:8.2.3</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.4">cpe:/a:postgresql:postgresql:8.2.4</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.5">cpe:/a:postgresql:postgresql:8.2.5</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.6">cpe:/a:postgresql:postgresql:8.2.6</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.7">cpe:/a:postgresql:postgresql:8.2.7</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.8">cpe:/a:postgresql:postgresql:8.2.8</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.9">cpe:/a:postgresql:postgresql:8.2.9</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.10">cpe:/a:postgresql:postgresql:8.2.10</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.11">cpe:/a:postgresql:postgresql:8.2.11</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.12">cpe:/a:postgresql:postgresql:8.2.12</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.13">cpe:/a:postgresql:postgresql:8.2.13</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.14">cpe:/a:postgresql:postgresql:8.2.14</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.15">cpe:/a:postgresql:postgresql:8.2.15</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.16">cpe:/a:postgresql:postgresql:8.2.16</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3">cpe:/a:postgresql:postgresql:8.3</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.1">cpe:/a:postgresql:postgresql:8.3.1</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.2">cpe:/a:postgresql:postgresql:8.3.2</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.3">cpe:/a:postgresql:postgresql:8.3.3</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.4">cpe:/a:postgresql:postgresql:8.3.4</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.5">cpe:/a:postgresql:postgresql:8.3.5</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.6">cpe:/a:postgresql:postgresql:8.3.6</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.7">cpe:/a:postgresql:postgresql:8.3.7</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.8">cpe:/a:postgresql:postgresql:8.3.8</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.9">cpe:/a:postgresql:postgresql:8.3.9</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.3.10">cpe:/a:postgresql:postgresql:8.3.10</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4">cpe:/a:postgresql:postgresql:8.4</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.4.1">cpe:/a:postgresql:postgresql:8.4.1</a>  and all previous versions</li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.5">cpe:/a:postgresql:postgresql:8.5</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.5%3Aalpha1">cpe:/a:postgresql:postgresql:8.5:alpha1</a> </li>
                                                                    <li class="vs299 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.5%3Aalpha2">cpe:/a:postgresql:postgresql:8.5:alpha2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4772">CVE-2007-4772</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2007-4772')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
                                                            <br/>CWE: CWE-399 Resource Management Errors
                            </p>
                            <p>The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/27163">27163</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/485864/100/0/threaded">20080107 PostgreSQL 2007-01-07 Cumulative Security Release</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/486407/100/0/threaded">20080115 rPSA-2008-0016-1 postgresql postgresql-server</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded">20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10705">http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://sourceforge.net/project/shownotes.php?release_id=565440&amp;group_id=10894">http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://sourceforge.net/tracker/index.php?func=detail&amp;aid=1810264&amp;group_id=10894&amp;atid=110894">http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news.905">http://www.postgresql.org/about/news.905</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2008-0009.html">http://www.vmware.com/security/advisories/VMSA-2008-0009.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1768">https://issues.rpath.com/browse/RPL-1768</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1460">DSA-1460</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2008/dsa-1463">DSA-1463</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html">FEDORA-2008-0478</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html">FEDORA-2008-0552</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200801-15.xml">GLSA-200801-15</a></li>
                                                                            <li>HP - <a target="_blank" href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154">HPSBTU02325</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:004">MDVSA-2008:004</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDVSA-2008:059">MDVSA-2008:059</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0038.html">RHSA-2008:0038</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0040.html">RHSA-2008:0040</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2008-0134.html">RHSA-2008:0134</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0122.html">RHSA-2013:0122</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1019157">1019157</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1">103197</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1">200559</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html">SUSE-SA:2008:005</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html">SUSE-SU-2016:0539</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html">SUSE-SU-2016:0555</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html">SUSE-SU-2016:0677</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html">openSUSE-SU-2016:0531</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html">openSUSE-SU-2016:0578</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-568-1">USN-568-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0061">ADV-2008-0061</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/0109">ADV-2008-0109</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1071/references">ADV-2008-1071</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2008/1744">ADV-2008-1744</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/39497">postgresql-regular-expression-dos(39497)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs300', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs300"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.18">cpe:/a:postgresql:postgresql:7.4.18</a>  and all previous versions</li>
                                    <li class="vs300">...</li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4">cpe:/a:postgresql:postgresql:7.4</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.1">cpe:/a:postgresql:postgresql:7.4.1</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.2">cpe:/a:postgresql:postgresql:7.4.2</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.3">cpe:/a:postgresql:postgresql:7.4.3</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.4">cpe:/a:postgresql:postgresql:7.4.4</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.5">cpe:/a:postgresql:postgresql:7.4.5</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.6">cpe:/a:postgresql:postgresql:7.4.6</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.7">cpe:/a:postgresql:postgresql:7.4.7</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.8">cpe:/a:postgresql:postgresql:7.4.8</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.9">cpe:/a:postgresql:postgresql:7.4.9</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.10">cpe:/a:postgresql:postgresql:7.4.10</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.11">cpe:/a:postgresql:postgresql:7.4.11</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.12">cpe:/a:postgresql:postgresql:7.4.12</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.13">cpe:/a:postgresql:postgresql:7.4.13</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.14">cpe:/a:postgresql:postgresql:7.4.14</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.16">cpe:/a:postgresql:postgresql:7.4.16</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.17">cpe:/a:postgresql:postgresql:7.4.17</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.18">cpe:/a:postgresql:postgresql:7.4.18</a>  and all previous versions</li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0">cpe:/a:postgresql:postgresql:8.0</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.1">cpe:/a:postgresql:postgresql:8.0.1</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.2">cpe:/a:postgresql:postgresql:8.0.2</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.3">cpe:/a:postgresql:postgresql:8.0.3</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.4">cpe:/a:postgresql:postgresql:8.0.4</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.5">cpe:/a:postgresql:postgresql:8.0.5</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.7">cpe:/a:postgresql:postgresql:8.0.7</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.8">cpe:/a:postgresql:postgresql:8.0.8</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.9">cpe:/a:postgresql:postgresql:8.0.9</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.11">cpe:/a:postgresql:postgresql:8.0.11</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.13">cpe:/a:postgresql:postgresql:8.0.13</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.14">cpe:/a:postgresql:postgresql:8.0.14</a>  and all previous versions</li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.317">cpe:/a:postgresql:postgresql:8.0.317</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.1">cpe:/a:postgresql:postgresql:8.1.1</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.3">cpe:/a:postgresql:postgresql:8.1.3</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.4">cpe:/a:postgresql:postgresql:8.1.4</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.5">cpe:/a:postgresql:postgresql:8.1.5</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.7">cpe:/a:postgresql:postgresql:8.1.7</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.8">cpe:/a:postgresql:postgresql:8.1.8</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.9">cpe:/a:postgresql:postgresql:8.1.9</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.10">cpe:/a:postgresql:postgresql:8.1.10</a>  and all previous versions</li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2">cpe:/a:postgresql:postgresql:8.2</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.2">cpe:/a:postgresql:postgresql:8.2.2</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.3">cpe:/a:postgresql:postgresql:8.2.3</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.4">cpe:/a:postgresql:postgresql:8.2.4</a> </li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.5">cpe:/a:postgresql:postgresql:8.2.5</a>  and all previous versions</li>
                                                                    <li class="vs300 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Atcl_tk%3Atcl_tk%3A8.4.16">cpe:/a:tcl_tk:tcl_tk:8.4.16</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2138">CVE-2007-2138</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.enablement.postgresql-1.1.1.v201205252207.jar', 'ddd733b059a41aa86aceed5344d1b4799802f5c0', 'cve', 'CVE-2007-2138')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
                            </p>
                            <p>Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to &quot;search_path settings.&quot;
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/23618">23618</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm">http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/about/news.791">http://www.postgresql.org/about/news.791</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.postgresql.org/support/security.html">http://www.postgresql.org/support/security.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.rpath.com/browse/RPL-1292">https://issues.rpath.com/browse/RPL-1292</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1309">DSA-1309</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2007/dsa-1311">DSA-1311</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-200705-12.xml">GLSA-200705-12</a></li>
                                                                            <li>MANDRIVA - <a target="_blank" href="http://www.mandriva.com/security/advisories?name=MDKSA-2007:094">MDKSA-2007:094</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2007-0336.html">RHSA-2007:0336</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2007-0337.html">RHSA-2007:0337</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id?1017974">1017974</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1">102894</a></li>
                                                                            <li>TRUSTIX - <a target="_blank" href="http://www.trustix.org/errata/2007/0015/">2007-0015</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-454-1">USN-454-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1497">ADV-2007-1497</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/1549">ADV-2007-1549</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/33842">postgresql-searchpath-privilege-escalation(33842)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs301', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs301"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.16">cpe:/a:postgresql:postgresql:7.4.16</a>  and all previous versions</li>
                                    <li class="vs301">...</li>
                                                                    <li class="vs301 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.3.18">cpe:/a:postgresql:postgresql:7.3.18</a>  and all previous versions</li>
                                                                    <li class="vs301 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A7.4.16">cpe:/a:postgresql:postgresql:7.4.16</a>  and all previous versions</li>
                                                                    <li class="vs301 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.0.10">cpe:/a:postgresql:postgresql:8.0.10</a>  and all previous versions</li>
                                                                    <li class="vs301 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.1.6">cpe:/a:postgresql:postgresql:8.1.6</a>  and all previous versions</li>
                                                                    <li class="vs301 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Apostgresql%3Apostgresql%3A8.2.1">cpe:/a:postgresql:postgresql:8.2.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l331_725b5a9cbd280b8e6c9a6fd32cbe44bf1aae10a3"></a>org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.modelbase.dbdefinition\1.0.2.v201107221519\725b5a9cbd280b8e6c9a6fd32cbe44bf1aae10a3\org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar<br/>
                            <b>MD5:</b>&nbsp;8bf72752aec7975cbe3fc13a56137975<br/>
                            <b>SHA1:</b>&nbsp;725b5a9cbd280b8e6c9a6fd32cbe44bf1aae10a3
                                                                                </p>
                                                <h4 id="header728" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content728" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.modelbase.dbdefinition</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.2.v201107221519</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.2.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dbdefinition</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>modelbase</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.modelbase.dbdefinition; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.2.v201107221519</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.emf.ecore;bundle-version=&quot;[2.2.0,3.0.0)&quot;;visibility:=reexport,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.modelbase.dbdefinition</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.modelbase.dbdefinition_1.0.2.v201107221519.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.2.v201107221519</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header729" class="subsectionheader white">Identifiers</h4>
                                                <div id="content729" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.2.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar', '725b5a9cbd280b8e6c9a6fd32cbe44bf1aae10a3', 'cpe', 'cpe:/a:eclipse:birt:1.0.2.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.dbdefinition/1.0.2.v201107221519/org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.dbdefinition:1.0.2.v201107221519</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header730" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content730" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.modelbase.dbdefinition-1.0.2.v201107221519.jar', '725b5a9cbd280b8e6c9a6fd32cbe44bf1aae10a3', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs302"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l332_93018a0f0e585dd4ceb70e849570d6143034273a"></a>org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.modelbase.derby\1.0.0.v201107221519\93018a0f0e585dd4ceb70e849570d6143034273a\org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar<br/>
                            <b>MD5:</b>&nbsp;690932e0843d8a64619cc8a9b8e39408<br/>
                            <b>SHA1:</b>&nbsp;93018a0f0e585dd4ceb70e849570d6143034273a
                                                                                </p>
                                                <h4 id="header731" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content731" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.modelbase.derby</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.0.v201107221519</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.0.v20110722</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>derby</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>modelbase</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.modelbase.derby; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0.v201107221519</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.modelbase.derby</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.modelbase.derby_1.0.0.v201107221519.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.0.v201107221519</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header732" class="subsectionheader white">Identifiers</h4>
                                                <div id="content732" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.0.v20110722
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar', '93018a0f0e585dd4ceb70e849570d6143034273a', 'cpe', 'cpe:/a:eclipse:birt:1.0.0.v20110722')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.derby/1.0.0.v201107221519/org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.derby:1.0.0.v201107221519</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header733" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content733" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.modelbase.derby-1.0.0.v201107221519.jar', '93018a0f0e585dd4ceb70e849570d6143034273a', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs303"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l333_663bfc41efd6030a37f7e6e7baf3b259606c1bcc"></a>org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.modelbase.sql.query\1.1.4.v201212120619\663bfc41efd6030a37f7e6e7baf3b259606c1bcc\org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar<br/>
                            <b>MD5:</b>&nbsp;c5bdb5c33253c78e9cf3fceb476357f2<br/>
                            <b>SHA1:</b>&nbsp;663bfc41efd6030a37f7e6e7baf3b259606c1bcc
                                                                                </p>
                                                <h4 id="header734" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content734" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.modelbase.sql.query</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.4.v201212120619</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.4.v20121212</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>modelbase</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sql</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.modelbase.sql.query; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.1.4.v201212120619</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.datatools.modelbase.sql;bundle-version=&quot;[0.9.0,1.5.0)&quot;;visibility:=reexport</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.modelbase.sql.query</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.modelbase.sql.query_1.1.4.v201212120619.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.4.v201212120619</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header735" class="subsectionheader white">Identifiers</h4>
                                                <div id="content735" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.1.4.v20121212
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar', '663bfc41efd6030a37f7e6e7baf3b259606c1bcc', 'cpe', 'cpe:/a:eclipse:birt:1.1.4.v20121212')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.sql.query/1.1.4.v201212120619/org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.sql.query:1.1.4.v201212120619</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header736" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content736" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.modelbase.sql.query-1.1.4.v201212120619.jar', '663bfc41efd6030a37f7e6e7baf3b259606c1bcc', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs304"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l334_731de727a1154c562038b045fa247716f68e93fe"></a>org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.datatools.modelbase.sql\1.0.6.v201208230744\731de727a1154c562038b045fa247716f68e93fe\org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar<br/>
                            <b>MD5:</b>&nbsp;b73d784c71179bd2ab08499c373cd2c0<br/>
                            <b>SHA1:</b>&nbsp;731de727a1154c562038b045fa247716f68e93fe
                                                                                </p>
                                                <h4 id="header737" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content737" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.datatools.modelbase.sql</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.6.v201208230744</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.6.v20120823</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>datatools</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>modelbase</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>sql</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.datatools.modelbase.sql; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.6.v201208230744</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.emf.ecore;bundle-version=&quot;[2.2.0,3.0.0)&quot;;visibility:=reexport</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.datatools.modelbase.sql</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.datatools.modelbase.sql_1.0.6.v201208230744.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.6.v201208230744</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header738" class="subsectionheader white">Identifiers</h4>
                                                <div id="content738" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.0.6.v20120823
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar', '731de727a1154c562038b045fa247716f68e93fe', 'cpe', 'cpe:/a:eclipse:birt:1.0.6.v20120823')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.datatools.modelbase.sql/1.0.6.v201208230744/org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.datatools.modelbase.sql:1.0.6.v201208230744</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header739" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content739" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.datatools.modelbase.sql-1.0.6.v201208230744.jar', '731de727a1154c562038b045fa247716f68e93fe', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs305"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l335_4a9dbfa87401190c710c16dcbbc7a2ea7cc3ff70"></a>org.eclipse.emf.common-2.10.1.v20140901-1043.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.emf.common\2.10.1.v20140901-1043\4a9dbfa87401190c710c16dcbbc7a2ea7cc3ff70\org.eclipse.emf.common-2.10.1.v20140901-1043.jar<br/>
                            <b>MD5:</b>&nbsp;df980d426f472a019fe8c58f1f420a0b<br/>
                            <b>SHA1:</b>&nbsp;4a9dbfa87401190c710c16dcbbc7a2ea7cc3ff70
                                                                                </p>
                                                <h4 id="header740" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content740" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.emf.common</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.emf.common-2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.10.1.v20140901</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>common</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>emf</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>util</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.emf.common;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;resolution:=&quot;optional&quot;;x-installation:=&quot;greedy&quot;;bundle-version=&quot;[3.5.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.emf.common</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.emf.common_2.10.1.v20140901-1043.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.10.1.v20140901-1043</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header741" class="subsectionheader white">Identifiers</h4>
                                                <div id="content741" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.10.1.v20140901
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.emf.common-2.10.1.v20140901-1043.jar', '4a9dbfa87401190c710c16dcbbc7a2ea7cc3ff70', 'cpe', 'cpe:/a:eclipse:birt:2.10.1.v20140901')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.common/2.10.1.v20140901-1043/org.eclipse.emf.common-2.10.1.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.common:2.10.1.v20140901-1043</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l336_c42c134004940345d45bf8367dae63c871a2420f"></a>org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.emf.ecore.change\2.10.0.v20140901-1043\c42c134004940345d45bf8367dae63c871a2420f\org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar<br/>
                            <b>MD5:</b>&nbsp;374a1da708946f84e519eeed88f7062b<br/>
                            <b>SHA1:</b>&nbsp;c42c134004940345d45bf8367dae63c871a2420f
                                                                                </p>
                                                <h4 id="header742" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content742" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.emf.ecore.change</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.10.0.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.emf.ecore.change-2.10.0.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.10.0.v20140901</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>change</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ecore</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>emf</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.emf.ecore.change;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.10.0.v20140901-1043</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;resolution:=&quot;optional&quot;;x-installation:=&quot;greedy&quot;;bundle-version=&quot;[3.5.0,4.0.0)&quot;,org.eclipse.emf.ecore;visibility:=&quot;reexport&quot;;bundle-version=&quot;[2.10.0,3.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.emf.ecore.change</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.10.0.v20140901-1043</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header743" class="subsectionheader white">Identifiers</h4>
                                                <div id="content743" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.10.0.v20140901
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar', 'c42c134004940345d45bf8367dae63c871a2420f', 'cpe', 'cpe:/a:eclipse:birt:2.10.0.v20140901')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.ecore.change/2.10.0.v20140901-1043/org.eclipse.emf.ecore.change-2.10.0.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.ecore.change:2.10.0.v20140901-1043</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l337_2a524cbae6c0ad0410c89270eb928ad90f75c95e"></a>org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.emf.ecore.xmi\2.10.1.v20140901-1043\2a524cbae6c0ad0410c89270eb928ad90f75c95e\org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar<br/>
                            <b>MD5:</b>&nbsp;47a6f6ebfb8ae5ed9c82360f8d670683<br/>
                            <b>SHA1:</b>&nbsp;2a524cbae6c0ad0410c89270eb928ad90f75c95e
                                                                                </p>
                                                <h4 id="header744" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content744" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.emf.ecore.xmi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.10.1.v20140901</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ecore</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>emf</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xmi</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.emf.ecore.xmi; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;resolution:=&quot;optional&quot;;x-installation:=&quot;greedy&quot;;bundle-version=&quot;[3.5.0,4.0.0)&quot;,org.eclipse.emf.ecore;visibility:=&quot;reexport&quot;;bundle-version=&quot;[2.10.0,3.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.emf.ecore.xmi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.10.1.v20140901-1043</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header745" class="subsectionheader white">Identifiers</h4>
                                                <div id="content745" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.10.1.v20140901
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar', '2a524cbae6c0ad0410c89270eb928ad90f75c95e', 'cpe', 'cpe:/a:eclipse:birt:2.10.1.v20140901')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.ecore.xmi/2.10.1.v20140901-1043/org.eclipse.emf.ecore.xmi-2.10.1.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.ecore.xmi:2.10.1.v20140901-1043</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l338_2da5a93e1d6eb2b6f78f215accc3304209b26104"></a>org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.emf.ecore\2.10.1.v20140901-1043\2da5a93e1d6eb2b6f78f215accc3304209b26104\org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar<br/>
                            <b>MD5:</b>&nbsp;28268d1878d5c7fc0248e1d24ca372db<br/>
                            <b>SHA1:</b>&nbsp;2da5a93e1d6eb2b6f78f215accc3304209b26104
                                                                                </p>
                                                <h4 id="header746" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content746" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.emf.ecore</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.emf.ecore-2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.10.1.v20140901</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ecore</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>emf</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.emf.ecore;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.10.1.v20140901-1043</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.core.runtime;resolution:=&quot;optional&quot;;x-installation:=&quot;greedy&quot;;bundle-version=&quot;[3.5.0,4.0.0)&quot;,org.eclipse.emf.common;visibility:=&quot;reexport&quot;;bundle-version=&quot;[2.10.0,3.0.0)&quot;,org.eclipse.core.resources;resolution:=&quot;optional&quot;;bundle-version=&quot;[3.5.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.emf.ecore</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.10.1.v20140901-1043</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header747" class="subsectionheader white">Identifiers</h4>
                                                <div id="content747" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.10.1.v20140901
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar', '2da5a93e1d6eb2b6f78f215accc3304209b26104', 'cpe', 'cpe:/a:eclipse:birt:2.10.1.v20140901')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf.ecore/2.10.1.v20140901-1043/org.eclipse.emf.ecore-2.10.1.v20140901-1043.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf.ecore:2.10.1.v20140901-1043</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l339_11d8c54ef675a951256777a9f36ebf7e1646ffd6"></a>org.eclipse.emf-2.6.0.v20140901-1055.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.emf\2.6.0.v20140901-1055\11d8c54ef675a951256777a9f36ebf7e1646ffd6\org.eclipse.emf-2.6.0.v20140901-1055.jar<br/>
                            <b>MD5:</b>&nbsp;9a377c1c93e9f69918196678d59a8ca8<br/>
                            <b>SHA1:</b>&nbsp;11d8c54ef675a951256777a9f36ebf7e1646ffd6
                                                                                </p>
                                                <h4 id="header748" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content748" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.emf</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.6.0.v20140901-1055</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.emf-2.6.0.v20140901-1055</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.6.0.v20140901</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.emf;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.6.0.v20140901-1055</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.emf</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.emf_2.6.0.v20140901-1055.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.6.0.v20140901-1055</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header749" class="subsectionheader white">Identifiers</h4>
                                                <div id="content749" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:2.6.0.v20140901
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.emf-2.6.0.v20140901-1055.jar', '11d8c54ef675a951256777a9f36ebf7e1646ffd6', 'cpe', 'cpe:/a:eclipse:birt:2.6.0.v20140901')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.emf/2.6.0.v20140901-1055/org.eclipse.emf-2.6.0.v20140901-1055.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.emf:2.6.0.v20140901-1055</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l340_cfe0deab8c3c4f4caea3767bc8bbaa4789b8f782"></a>org.eclipse.equinox.app-1.3.100.v20130327-1442.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.equinox.app\1.3.100.v20130327-1442\cfe0deab8c3c4f4caea3767bc8bbaa4789b8f782\org.eclipse.equinox.app-1.3.100.v20130327-1442.jar<br/>
                            <b>MD5:</b>&nbsp;2f4d4cc26c71bd7383fd9b7762ed57ae<br/>
                            <b>SHA1:</b>&nbsp;cfe0deab8c3c4f4caea3767bc8bbaa4789b8f782
                                                                                </p>
                                                <h4 id="header750" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content750" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.equinox.app</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.100.v20130327-1442</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.equinox.app-1.3.100.v20130327-1442</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.100.v20130327</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>app</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>equinox</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>OSGi/Minimum-1.2,CDC-1.1/Foundation-1.1,J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.equinox.app; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.3.100.v20130327-1442</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-dynamicimport</td><td>this is only used to allow late binding of the package</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.registry;bundle-version=&quot;[3.4.0,4.0.0)&quot;,org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.equinox.app</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.equinox.app_1.3.100.v20130327-1442.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.100.v20130327-1442</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header751" class="subsectionheader white">Identifiers</h4>
                                                <div id="content751" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:1.3.100.v20130327
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.equinox.app-1.3.100.v20130327-1442.jar', 'cfe0deab8c3c4f4caea3767bc8bbaa4789b8f782', 'cpe', 'cpe:/a:eclipse:birt:1.3.100.v20130327')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.app/1.3.100.v20130327-1442/org.eclipse.equinox.app-1.3.100.v20130327-1442.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.app:1.3.100.v20130327-1442</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header752" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content752" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4521">CVE-2009-4521</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('org.eclipse.equinox.app-1.3.100.v20130327-1442.jar', 'cfe0deab8c3c4f4caea3767bc8bbaa4789b8f782', 'cve', 'CVE-2009-4521')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36674">36674</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/507172/100/0/threaded">20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127">https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss">http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53773">eclipse-report-xss(53773)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs306"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aeclipse%3Abirt%3A2.3.2">cpe:/a:eclipse:birt:2.3.2</a>  and all previous versions</li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l341_550778d95ea4d5f2fee765e85eb799cec21067e0"></a>org.eclipse.equinox.common-3.6.200.v20130402-1505.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.equinox.common\3.6.200.v20130402-1505\550778d95ea4d5f2fee765e85eb799cec21067e0\org.eclipse.equinox.common-3.6.200.v20130402-1505.jar<br/>
                            <b>MD5:</b>&nbsp;551dd5efb955af78e2794fb67a30be0c<br/>
                            <b>SHA1:</b>&nbsp;550778d95ea4d5f2fee765e85eb799cec21067e0
                                                                                </p>
                                                <h4 id="header753" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content753" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.equinox.common</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.6.200.v20130402-1505</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.equinox.common-3.6.200.v20130402-1505</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.6.200.v20130402</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>runtime</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>CDC-1.1/Foundation-1.1,J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.equinox.common; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.6.200.v20130402-1505</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.equinox.common</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.equinox.common_3.6.200.v20130402-1505.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.6.200.v20130402-1505</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header754" class="subsectionheader white">Identifiers</h4>
                                                <div id="content754" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.6.200.v20130402
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.equinox.common-3.6.200.v20130402-1505.jar', '550778d95ea4d5f2fee765e85eb799cec21067e0', 'cpe', 'cpe:/a:eclipse:birt:3.6.200.v20130402')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.common/3.6.200.v20130402-1505/org.eclipse.equinox.common-3.6.200.v20130402-1505.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.common:3.6.200.v20130402-1505</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l342_bc48b6b0c00898d5eb2cbd6024fc0235ae04f3d2"></a>org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.equinox.preferences\3.5.100.v20130422-1538\bc48b6b0c00898d5eb2cbd6024fc0235ae04f3d2\org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar<br/>
                            <b>MD5:</b>&nbsp;fc94bbfa2dcfe6b40cefce0f5a305f3a<br/>
                            <b>SHA1:</b>&nbsp;bc48b6b0c00898d5eb2cbd6024fc0235ae04f3d2
                                                                                </p>
                                                <h4 id="header755" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content755" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.equinox.preferences</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.5.100.v20130422-1538</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.equinox.preferences-3.5.100.v20130422-1538</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.5.100.v20130422</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>preferences</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-activationpolicy</td><td>lazy; exclude:=&quot;org.eclipse.core.internal.preferences.exchange&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>CDC-1.1/Foundation-1.1,J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.equinox.preferences; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.5.100.v20130422-1538</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>eclipse-lazystart</td><td>true; exceptions=&quot;org.eclipse.core.internal.preferences.exchange&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.equinox.registry;bundle-version=&quot;[3.2.0,4.0.0)&quot;;resolution:=optional</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.equinox.preferences</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.equinox.preferences_3.5.100.v20130422-1538.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.5.100.v20130422-1538</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header756" class="subsectionheader white">Identifiers</h4>
                                                <div id="content756" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.5.100.v20130422
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar', 'bc48b6b0c00898d5eb2cbd6024fc0235ae04f3d2', 'cpe', 'cpe:/a:eclipse:birt:3.5.100.v20130422')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.preferences/3.5.100.v20130422-1538/org.eclipse.equinox.preferences-3.5.100.v20130422-1538.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.preferences:3.5.100.v20130422-1538</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l343_897775850f15e1595464bbff11562583b8132499"></a>org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.equinox.registry\3.5.400.v20140428-1507\897775850f15e1595464bbff11562583b8132499\org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar<br/>
                            <b>MD5:</b>&nbsp;b31d9c600f764fdcafacdef1ba72cb91<br/>
                            <b>SHA1:</b>&nbsp;897775850f15e1595464bbff11562583b8132499
                                                                                </p>
                                                <h4 id="header757" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content757" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.equinox.registry</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.5.400.v20140428-1507</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.equinox.registry-3.5.400.v20140428-1507</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.5.400.v20140428</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>core</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>registry</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>CDC-1.1/Foundation-1.1,J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.equinox.registry;singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.5.400.v20140428-1507</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>comment-header</td><td>Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.equinox.registry</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.5.400.v20140428-1507</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header758" class="subsectionheader white">Identifiers</h4>
                                                <div id="content758" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.5.400.v20140428
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar', '897775850f15e1595464bbff11562583b8132499', 'cpe', 'cpe:/a:eclipse:birt:3.5.400.v20140428')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.equinox.registry/3.5.400.v20140428-1507/org.eclipse.equinox.registry-3.5.400.v20140428-1507.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.equinox.registry:3.5.400.v20140428-1507</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l344_98f0232dc80679a3f5c1effe15344dc7ceac98dc"></a>org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.orbit.mongodb\2.10.1.v20130422-1135\98f0232dc80679a3f5c1effe15344dc7ceac98dc\org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar<br/>
                            <b>MD5:</b>&nbsp;aeb824a874797d3ce55dec345ab6d44c<br/>
                            <b>SHA1:</b>&nbsp;98f0232dc80679a3f5c1effe15344dc7ceac98dc
                                                                                </p>
                                                <h4 id="header759" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content759" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.orbit.mongodb</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.10.1.v20130422-1135</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.orbit.mongodb-2.10.1.v20130422-1135</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.10.1.v20130422</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>mongodb</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%Bundle-Name</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.orbit.mongodb</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.10.1.v20130422-1135</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.orbit.mongodb</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.orbit.mongodb_2.10.1.v20130422-1135.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.10.1.v20130422-1135</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header760" class="subsectionheader white">Identifiers</h4>
                                                <div id="content760" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:mongodb:mongodb:2.10.1.v20130422
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar', '98f0232dc80679a3f5c1effe15344dc7ceac98dc', 'cpe', 'cpe:/a:mongodb:mongodb:2.10.1.v20130422')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.orbit.mongodb/2.10.1.v20130422-1135/org.eclipse.orbit.mongodb-2.10.1.v20130422-1135.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.orbit.mongodb:2.10.1.v20130422-1135</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l345_1d73531fac5372870373a06193985611b1239f0c"></a>org.eclipse.osgi.services-3.3.100.v20130513-1956.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.osgi.services\3.3.100.v20130513-1956\1d73531fac5372870373a06193985611b1239f0c\org.eclipse.osgi.services-3.3.100.v20130513-1956.jar<br/>
                            <b>MD5:</b>&nbsp;7f7d4198812b01cb7c5a26399af7706f<br/>
                            <b>SHA1:</b>&nbsp;1d73531fac5372870373a06193985611b1239f0c
                                                                                </p>
                                                <h4 id="header761" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content761" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.osgi.services</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3.100.v20130513-1956</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.osgi.services-3.3.100.v20130513-1956</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.3.100.v20130513</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>osgi</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>service</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>%osgiServicesDes</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%osgiServices</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>OSGi/Minimum-1.2,CDC-1.1/Foundation-1.1,J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.osgi.services</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.3.100.v20130513-1956</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.osgi.services</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.osgi.services_3.3.100.v20130513-1956.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.3.100.v20130513-1956</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header762" class="subsectionheader white">Identifiers</h4>
                                                <div id="content762" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.osgi.services/3.3.100.v20130513-1956/org.eclipse.osgi.services-3.3.100.v20130513-1956.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.osgi.services:3.3.100.v20130513-1956</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l346_e6a47e8e3edaf8b3cf74a1d5540a9c91369fb28a"></a>org.eclipse.osgi-3.10.1.v20140909-1633.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.osgi\3.10.1.v20140909-1633\e6a47e8e3edaf8b3cf74a1d5540a9c91369fb28a\org.eclipse.osgi-3.10.1.v20140909-1633.jar<br/>
                            <b>MD5:</b>&nbsp;07e3c874013c7228107c5e0f61a942f5<br/>
                            <b>SHA1:</b>&nbsp;e6a47e8e3edaf8b3cf74a1d5540a9c91369fb28a
                                                                                </p>
                                                <h4 id="header763" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content763" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.osgi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.10.1.v20140909-1633</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.osgi-3.10.1.v20140909-1633</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.10.1.v20140909</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>osgi</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>%copyright</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>%systemBundle</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%systemBundle</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.osgi; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.10.1.v20140909-1633</td></tr>
                                                                    <tr><td>Manifest</td><td>commentout-require-capability</td><td>osgi.ee; filter:=&quot;(| (&amp;(osgi.ee=JavaSE)(version=1.6)) (&amp;(osgi.ee=JavaSE/compact1)(version=1.8)) )&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.osgi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.osgi_3.10.1.v20140909-1633.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.10.1.v20140909-1633</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header764" class="subsectionheader white">Identifiers</h4>
                                                <div id="content764" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.10.1.v20140909
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.osgi-3.10.1.v20140909-1633.jar', 'e6a47e8e3edaf8b3cf74a1d5540a9c91369fb28a', 'cpe', 'cpe:/a:eclipse:birt:3.10.1.v20140909')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.osgi/3.10.1.v20140909-1633/org.eclipse.osgi-3.10.1.v20140909-1633.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.osgi:3.10.1.v20140909-1633</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l347_4375455f2f0bd4f014e79758bbb3d4b7340e2943"></a>org.eclipse.update.configurator-3.3.200.v20130326-1319.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\org.eclipse.update.configurator\3.3.200.v20130326-1319\4375455f2f0bd4f014e79758bbb3d4b7340e2943\org.eclipse.update.configurator-3.3.200.v20130326-1319.jar<br/>
                            <b>MD5:</b>&nbsp;6af0b597ad8ab9b35422f6170e31b594<br/>
                            <b>SHA1:</b>&nbsp;4375455f2f0bd4f014e79758bbb3d4b7340e2943
                                                                                </p>
                                                <h4 id="header765" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content765" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>org.eclipse.update.configurator</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3.200.v20130326-1319</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.eclipse.update.configurator-3.3.200.v20130326-1319</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.3.200.v20130326</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>configurator</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>update</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>%pluginName</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.update.configurator; singleton:=true</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.3.200.v20130326-1319</td></tr>
                                                                    <tr><td>Manifest</td><td>require-bundle</td><td>org.eclipse.equinox.common;bundle-version=&quot;[3.2.0,4.0.0)&quot;,org.eclipse.osgi;bundle-version=&quot;[3.2.0,4.0.0)&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>service-component</td><td>OSGI-INF/bundleGroup.xml</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>eclipse.update.configurator</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>org.eclipse.update.configurator_3.3.200.v20130326-1319.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.3.200.v20130326-1319</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header766" class="subsectionheader white">Identifiers</h4>
                                                <div id="content766" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:3.3.200.v20130326
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.eclipse.update.configurator-3.3.200.v20130326-1319.jar', '4375455f2f0bd4f014e79758bbb3d4b7340e2943', 'cpe', 'cpe:/a:eclipse:birt:3.3.200.v20130326')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/org.eclipse.update.configurator/3.3.200.v20130326-1319/org.eclipse.update.configurator-3.3.200.v20130326-1319.jar" target="_blank">org.eclipse.birt.runtime:org.eclipse.update.configurator:3.3.200.v20130326-1319</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l348_059c773f6cd138d08b18c47ed2c1581283f573fd"></a>viewservlets-4.5.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;A component of the BIRT runtime<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/org/documents/epl-v10.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.birt.runtime\viewservlets\4.5.0\59c773f6cd138d08b18c47ed2c1581283f573fd\viewservlets-4.5.0.jar<br/>
                            <b>MD5:</b>&nbsp;fca067702a5dcaaa9715924cbd616735<br/>
                            <b>SHA1:</b>&nbsp;059c773f6cd138d08b18c47ed2c1581283f573fd
                                                                                </p>
                                                <h4 id="header767" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content767" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>viewservlets</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.birt.runtime</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>viewservlets-4.5.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>birt</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>report</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>viewservlets</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>A component of the BIRT runtime</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.birt.runtime</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>viewservlets.jar</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/projects/project.php?id=birt</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header768" class="subsectionheader white">Identifiers</h4>
                                                <div id="content768" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:birt:4.5.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('viewservlets-4.5.0.jar', '059c773f6cd138d08b18c47ed2c1581283f573fd', 'cpe', 'cpe:/a:eclipse:birt:4.5.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/birt/runtime/viewservlets/4.5.0/viewservlets-4.5.0.jar" target="_blank">org.eclipse.birt.runtime:viewservlets:4.5.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l349_bee1367ac12fb6a20b422ff8711ebeb4f0a42316"></a>ecj-4.5.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Eclipse JDT Core Batch Compiler<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Eclipse Public License v1.0: http://www.eclipse.org/org/documents/epl-v10.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jdt.core.compiler\ecj\4.5.1\bee1367ac12fb6a20b422ff8711ebeb4f0a42316\ecj-4.5.1.jar<br/>
                            <b>MD5:</b>&nbsp;030848131b94835e60a3fd1973d4aacd<br/>
                            <b>SHA1:</b>&nbsp;bee1367ac12fb6a20b422ff8711ebeb4f0a42316
                                                                                </p>
                                                <h4 id="header769" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content769" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ecj</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jdt.core.compiler</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ecj-4.5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.5.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>compiler</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>eclipse</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jdt</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Eclipse Compiler for Java(TM)</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jdt.core.compiler.batch</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.11.1.v20150902-1521</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ecj</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Eclipse JDT Core Batch Compiler</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jdt.core.compiler</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Eclipse ECJ</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jdt/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header770" class="subsectionheader white">Identifiers</h4>
                                                <div id="content770" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/eclipse/jdt/core/compiler/ecj/4.5.1/ecj-4.5.1.jar" target="_blank">org.eclipse.jdt.core.compiler:ecj:4.5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l350_dec4dfc43617637694762822ef99c8373c944c98"></a>jetty-continuation-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Asynchronous API<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-continuation\9.3.8.v20160314\dec4dfc43617637694762822ef99c8373c944c98\jetty-continuation-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;8822eb5274a61441c61f61721c08bf07<br/>
                            <b>SHA1:</b>&nbsp;dec4dfc43617637694762822ef99c8373c944c98
                                                                                </p>
                                                <h4 id="header771" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content771" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-continuation</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-continuation-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Continuation</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Continuation</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.continuation</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-continuation</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Asynchronous API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Continuation</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header772" class="subsectionheader white">Identifiers</h4>
                                                <div id="content772" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-continuation-9.3.8.v20160314.jar', 'dec4dfc43617637694762822ef99c8373c944c98', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-continuation-9.3.8.v20160314.jar', 'dec4dfc43617637694762822ef99c8373c944c98', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22dec4dfc43617637694762822ef99c8373c944c98%22" target="_blank">org.eclipse.jetty:jetty-continuation:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l351_fe4025121641f5c4b06986e9b14983964bfcd7d5"></a>jetty-deploy-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty deployers<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-deploy\9.3.8.v20160314\fe4025121641f5c4b06986e9b14983964bfcd7d5\jetty-deploy-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;b601a0324003cec21b983210ce5d0528<br/>
                            <b>SHA1:</b>&nbsp;fe4025121641f5c4b06986e9b14983964bfcd7d5
                                                                                </p>
                                                <h4 id="header773" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content773" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-deploy</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-deploy-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Deployers</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Deployers</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.deploy</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-deploy</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jetty deployers</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Deployers</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header774" class="subsectionheader white">Identifiers</h4>
                                                <div id="content774" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-deploy-9.3.8.v20160314.jar', 'fe4025121641f5c4b06986e9b14983964bfcd7d5', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-deploy-9.3.8.v20160314.jar', 'fe4025121641f5c4b06986e9b14983964bfcd7d5', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22fe4025121641f5c4b06986e9b14983964bfcd7d5%22" target="_blank">org.eclipse.jetty:jetty-deploy:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l352_0127feb7407f4137ff4295b5fa2895845db56710"></a>jetty-http-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty module for Jetty :: Http Utility<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-http\9.3.8.v20160314\127feb7407f4137ff4295b5fa2895845db56710\jetty-http-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;ae36cb933d1b1e2f0222d16179edb795<br/>
                            <b>SHA1:</b>&nbsp;0127feb7407f4137ff4295b5fa2895845db56710
                                                                                </p>
                                                <h4 id="header775" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content775" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-http</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-http-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Http Utility</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Http Utility</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.http</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-http</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Http Utility</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header776" class="subsectionheader white">Identifiers</h4>
                                                <div id="content776" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-http-9.3.8.v20160314.jar', '0127feb7407f4137ff4295b5fa2895845db56710', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-http-9.3.8.v20160314.jar', '0127feb7407f4137ff4295b5fa2895845db56710', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%220127feb7407f4137ff4295b5fa2895845db56710%22" target="_blank">org.eclipse.jetty:jetty-http:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l353_371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141"></a>jetty-io-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty module for Jetty :: IO Utility<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-io\9.3.8.v20160314\371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141\jetty-io-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;ccde73db8fdef03771ebe79c3d550704<br/>
                            <b>SHA1:</b>&nbsp;371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141
                                                                                </p>
                                                <h4 id="header777" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content777" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-io</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-io-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: IO Utility</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: IO Utility</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.io</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-io</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: IO Utility</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header778" class="subsectionheader white">Identifiers</h4>
                                                <div id="content778" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-io-9.3.8.v20160314.jar', '371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22371e3c2b72d9a9737579ec0fdfd6a2a3ab8b8141%22" target="_blank">org.eclipse.jetty:jetty-io:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l354_4aca2eb607d49969bac6a5f36be24ebe1d6d39ad"></a>jetty-jmx-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;JMX management artifact for jetty.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-jmx\9.3.8.v20160314\4aca2eb607d49969bac6a5f36be24ebe1d6d39ad\jetty-jmx-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;41b58cd469e94d01cce348b69bc3940a<br/>
                            <b>SHA1:</b>&nbsp;4aca2eb607d49969bac6a5f36be24ebe1d6d39ad
                                                                                </p>
                                                <h4 id="header779" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content779" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-jmx</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-jmx-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: JMX Management</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: JMX Management</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.jmx</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-jmx</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>JMX management artifact for jetty.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: JMX Management</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header780" class="subsectionheader white">Identifiers</h4>
                                                <div id="content780" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-jmx-9.3.8.v20160314.jar', '4aca2eb607d49969bac6a5f36be24ebe1d6d39ad', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-jmx-9.3.8.v20160314.jar', '4aca2eb607d49969bac6a5f36be24ebe1d6d39ad', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%224aca2eb607d49969bac6a5f36be24ebe1d6d39ad%22" target="_blank">org.eclipse.jetty:jetty-jmx:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l355_264a34089a62d22cea8e38f6ab6c55d8cef992dc"></a>jetty-rewrite-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty Rewrite Handler<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-rewrite\9.3.8.v20160314\264a34089a62d22cea8e38f6ab6c55d8cef992dc\jetty-rewrite-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;fcb6651a5aca594654d3a6502530ff23<br/>
                            <b>SHA1:</b>&nbsp;264a34089a62d22cea8e38f6ab6c55d8cef992dc
                                                                                </p>
                                                <h4 id="header781" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content781" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-rewrite</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-rewrite-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Rewrite Handler</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Rewrite Handler</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.rewrite</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-rewrite</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jetty Rewrite Handler</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Rewrite Handler</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header782" class="subsectionheader white">Identifiers</h4>
                                                <div id="content782" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-rewrite-9.3.8.v20160314.jar', '264a34089a62d22cea8e38f6ab6c55d8cef992dc', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-rewrite-9.3.8.v20160314.jar', '264a34089a62d22cea8e38f6ab6c55d8cef992dc', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22264a34089a62d22cea8e38f6ab6c55d8cef992dc%22" target="_blank">org.eclipse.jetty:jetty-rewrite:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l356_5291fa5e3098f08017bfcc7f950a7ce36c9544d7"></a>jetty-security-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty security infrastructure<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-security\9.3.8.v20160314\5291fa5e3098f08017bfcc7f950a7ce36c9544d7\jetty-security-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;0fa1508d39db9c38178e556a8a41e8c4<br/>
                            <b>SHA1:</b>&nbsp;5291fa5e3098f08017bfcc7f950a7ce36c9544d7
                                                                                </p>
                                                <h4 id="header783" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content783" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-security</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-security-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Security</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Security</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.security</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-security</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jetty security infrastructure</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Security</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header784" class="subsectionheader white">Identifiers</h4>
                                                <div id="content784" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-security-9.3.8.v20160314.jar', '5291fa5e3098f08017bfcc7f950a7ce36c9544d7', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-security-9.3.8.v20160314.jar', '5291fa5e3098f08017bfcc7f950a7ce36c9544d7', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%225291fa5e3098f08017bfcc7f950a7ce36c9544d7%22" target="_blank">org.eclipse.jetty:jetty-security:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l357_da8366f602f35d4c3177cb081472e2fc4abe04ea"></a>jetty-server-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The core jetty server artifact.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-server\9.3.8.v20160314\da8366f602f35d4c3177cb081472e2fc4abe04ea\jetty-server-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;b89f7fe7882042e94e78280bfdff5f27<br/>
                            <b>SHA1:</b>&nbsp;da8366f602f35d4c3177cb081472e2fc4abe04ea
                                                                                </p>
                                                <h4 id="header785" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content785" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-server</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-server-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Server Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Server Core</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.server</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-server</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The core jetty server artifact.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Server Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header786" class="subsectionheader white">Identifiers</h4>
                                                <div id="content786" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-server-9.3.8.v20160314.jar', 'da8366f602f35d4c3177cb081472e2fc4abe04ea', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-server-9.3.8.v20160314.jar', 'da8366f602f35d4c3177cb081472e2fc4abe04ea', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22da8366f602f35d4c3177cb081472e2fc4abe04ea%22" target="_blank">org.eclipse.jetty:jetty-server:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l358_ea5f25d3326d7745d9c21d405dcf6f878efbd5fb"></a>jetty-servlet-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty Servlet Container<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-servlet\9.3.8.v20160314\ea5f25d3326d7745d9c21d405dcf6f878efbd5fb\jetty-servlet-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;3c1bc27cd08ecdb33aeb736205367bfd<br/>
                            <b>SHA1:</b>&nbsp;ea5f25d3326d7745d9c21d405dcf6f878efbd5fb
                                                                                </p>
                                                <h4 id="header787" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content787" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-servlet</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-servlet-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Servlet Handling</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Servlet Handling</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.servlet</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-servlet</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jetty Servlet Container</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Servlet Handling</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header788" class="subsectionheader white">Identifiers</h4>
                                                <div id="content788" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-servlet-9.3.8.v20160314.jar', 'ea5f25d3326d7745d9c21d405dcf6f878efbd5fb', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-servlet-9.3.8.v20160314.jar', 'ea5f25d3326d7745d9c21d405dcf6f878efbd5fb', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22ea5f25d3326d7745d9c21d405dcf6f878efbd5fb%22" target="_blank">org.eclipse.jetty:jetty-servlet:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l359_7c6cca49412e873cc2cee9903e3209525175f60d"></a>jetty-servlets-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Utility Servlets from Jetty<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-servlets\9.3.8.v20160314\7c6cca49412e873cc2cee9903e3209525175f60d\jetty-servlets-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;c004ce7d1d89bd7802c4412730648b09<br/>
                            <b>SHA1:</b>&nbsp;7c6cca49412e873cc2cee9903e3209525175f60d
                                                                                </p>
                                                <h4 id="header789" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content789" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-servlets</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-servlets-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Utility Servlets and Filters</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Utility Servlets and Filters</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.servlets</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-servlets</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Utility Servlets from Jetty</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Utility Servlets and Filters</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header790" class="subsectionheader white">Identifiers</h4>
                                                <div id="content790" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-servlets-9.3.8.v20160314.jar', '7c6cca49412e873cc2cee9903e3209525175f60d', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-servlets-9.3.8.v20160314.jar', '7c6cca49412e873cc2cee9903e3209525175f60d', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%227c6cca49412e873cc2cee9903e3209525175f60d%22" target="_blank">org.eclipse.jetty:jetty-servlets:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l360_01d53c7a7e7715e67d6f4edec6c5b328ee162e65"></a>jetty-util-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Utility classes for Jetty<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-util\9.3.8.v20160314\1d53c7a7e7715e67d6f4edec6c5b328ee162e65\jetty-util-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;6b09d9a12d44f8198fb5ea925c0006da<br/>
                            <b>SHA1:</b>&nbsp;01d53c7a7e7715e67d6f4edec6c5b328ee162e65
                                                                                </p>
                                                <h4 id="header791" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content791" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-util</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-util-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Utilities</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Utilities</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.util</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-util</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Utility classes for Jetty</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Utilities</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header792" class="subsectionheader white">Identifiers</h4>
                                                <div id="content792" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-util-9.3.8.v20160314.jar', '01d53c7a7e7715e67d6f4edec6c5b328ee162e65', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-util-9.3.8.v20160314.jar', '01d53c7a7e7715e67d6f4edec6c5b328ee162e65', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2201d53c7a7e7715e67d6f4edec6c5b328ee162e65%22" target="_blank">org.eclipse.jetty:jetty-util:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l361_2f0dfef84af7c97f2a1f14db65aa3f37349420e4"></a>jetty-webapp-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jetty web application support<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-webapp\9.3.8.v20160314\2f0dfef84af7c97f2a1f14db65aa3f37349420e4\jetty-webapp-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;8acf9d9da956ce6f5e751f2c40f4986f<br/>
                            <b>SHA1:</b>&nbsp;2f0dfef84af7c97f2a1f14db65aa3f37349420e4
                                                                                </p>
                                                <h4 id="header793" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content793" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-webapp</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-webapp-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: Webapp Application Support</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: Webapp Application Support</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.webapp</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-webapp</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jetty web application support</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: Webapp Application Support</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header794" class="subsectionheader white">Identifiers</h4>
                                                <div id="content794" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-webapp-9.3.8.v20160314.jar', '2f0dfef84af7c97f2a1f14db65aa3f37349420e4', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-webapp-9.3.8.v20160314.jar', '2f0dfef84af7c97f2a1f14db65aa3f37349420e4', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222f0dfef84af7c97f2a1f14db65aa3f37349420e4%22" target="_blank">org.eclipse.jetty:jetty-webapp:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l362_f02bbbf71d7ea706a95fedf7e76c3ff243049bfc"></a>jetty-xml-9.3.8.v20160314.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The jetty xml utilities.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php">http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.eclipse.jetty\jetty-xml\9.3.8.v20160314\f02bbbf71d7ea706a95fedf7e76c3ff243049bfc\jetty-xml-9.3.8.v20160314.jar<br/>
                            <b>MD5:</b>&nbsp;5f80e224dbd414816077745f1dd665ce<br/>
                            <b>SHA1:</b>&nbsp;f02bbbf71d7ea706a95fedf7e76c3ff243049bfc
                                                                                </p>
                                                <h4 id="header795" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content795" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jetty-xml</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jetty-xml-9.3.8.v20160314</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) 2008-2016 Mort Bay Consulting Pty. Ltd.</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Jetty module for Jetty :: XML utilities</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Jetty :: XML utilities</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.eclipse.jetty.xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse.org - Jetty</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>9.3.8.v20160314</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td></tr>
                                                                    <tr><td>Manifest</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jetty-xml</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The jetty xml utilities.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Jetty :: XML utilities</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>jetty-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.eclipse.jetty</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.eclipse.org/jetty</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>9.3.8.v20160314</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header796" class="subsectionheader white">Identifiers</h4>
                                                <div id="content796" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:eclipse:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-xml-9.3.8.v20160314.jar', 'f02bbbf71d7ea706a95fedf7e76c3ff243049bfc', 'cpe', 'cpe:/a:eclipse:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:jetty:jetty:9.3.8.v20160314
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('jetty-xml-9.3.8.v20160314.jar', 'f02bbbf71d7ea706a95fedf7e76c3ff243049bfc', 'cpe', 'cpe:/a:jetty:jetty:9.3.8.v20160314')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22f02bbbf71d7ea706a95fedf7e76c3ff243049bfc%22" target="_blank">org.eclipse.jetty:jetty-xml:9.3.8.v20160314</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l363_9b31ed0d0321dfc1ae7ce63f2557df04b52a79e3"></a>freemarker-2.3.25-incubating.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    FreeMarker is a &quot;template engine&quot;; a generic tool to generate text output based on templates.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.freemarker\freemarker\2.3.25-incubating\9b31ed0d0321dfc1ae7ce63f2557df04b52a79e3\freemarker-2.3.25-incubating.jar<br/>
                            <b>MD5:</b>&nbsp;5870e519549961e969a5226e446bfd53<br/>
                            <b>SHA1:</b>&nbsp;9b31ed0d0321dfc1ae7ce63f2557df04b52a79e3
                                                                                </p>
                                                <h4 id="header797" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content797" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>freemarker</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.freemarker</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.3.25-incubating</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>freemarker-2.3.25-incubating</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.3.25</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>freemarker</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>org.freemarker.freemarker</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5, J2SE-1.4</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.freemarker.freemarker</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.3.25.stable-incubating</td></tr>
                                                                    <tr><td>Manifest</td><td>dstamp</td><td>20160614</td></tr>
                                                                    <tr><td>Manifest</td><td>extension-name</td><td>FreeMarker</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>FreeMarker</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>freemarker.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.3.25</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>FreeMarker</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>freemarker.org</td></tr>
                                                                    <tr><td>Manifest</td><td>today</td><td>14</td></tr>
                                                                    <tr><td>Manifest</td><td>today</td><td>2016</td></tr>
                                                                    <tr><td>Manifest</td><td>today</td><td>June 14 2016</td></tr>
                                                                    <tr><td>Manifest</td><td>tstamp</td><td>2202</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>freemarker</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> FreeMarker is a &quot;template engine&quot;; a generic tool to generate text output based on templates. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>freemarker</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache FreeMarker</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://apache.org
  </td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.3.25-incubating</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://freemarker.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.3.25-incubating</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header798" class="subsectionheader white">Identifiers</h4>
                                                <div id="content798" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/freemarker/freemarker/2.3.25-incubating/freemarker-2.3.25-incubating.jar" target="_blank">org.freemarker:freemarker:2.3.25-incubating</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l364_71deedbdfe6a1b0dcadd6c5ae335e3e9b427524c"></a>vorbis-java-core-0.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.gagravarr\vorbis-java-core\0.6\71deedbdfe6a1b0dcadd6c5ae335e3e9b427524c\vorbis-java-core-0.6.jar<br/>
                            <b>MD5:</b>&nbsp;724a557bf19d77f362b41f2796be158c<br/>
                            <b>SHA1:</b>&nbsp;71deedbdfe6a1b0dcadd6c5ae335e3e9b427524c
                                                                                </p>
                                                <h4 id="header799" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content799" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>vorbis-java-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.gagravarr</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>vorbis-java-core-0.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>gagravarr</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>vorbis-java-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>gagravarr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Ogg and Vorbis for Java, Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>vorbis-java-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.gagravarr</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/Gagravarr/VorbisJava</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header800" class="subsectionheader white">Identifiers</h4>
                                                <div id="content800" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2271deedbdfe6a1b0dcadd6c5ae335e3e9b427524c%22" target="_blank">org.gagravarr:vorbis-java-core:0.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l365_be5b08ff4c45632975646f286a1d13e325bec59a"></a>vorbis-java-tika-0.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.gagravarr\vorbis-java-tika\0.6\be5b08ff4c45632975646f286a1d13e325bec59a\vorbis-java-tika-0.6.jar<br/>
                            <b>MD5:</b>&nbsp;9906a3a825381c64756962ebe99df47b<br/>
                            <b>SHA1:</b>&nbsp;be5b08ff4c45632975646f286a1d13e325bec59a
                                                                                </p>
                                                <h4 id="header801" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content801" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>vorbis-java-tika</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.gagravarr</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>vorbis-java-tika-0.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>gagravarr</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tika</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>vorbis-java-tika</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>gagravarr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Apache Tika plugin for Ogg, Vorbis and FLAC</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>vorbis-java-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.gagravarr</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/Gagravarr/VorbisJava</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header802" class="subsectionheader white">Identifiers</h4>
                                                <div id="content802" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:apache:tika:0.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('vorbis-java-tika-0.6.jar', 'be5b08ff4c45632975646f286a1d13e325bec59a', 'cpe', 'cpe:/a:apache:tika:0.6')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22be5b08ff4c45632975646f286a1d13e325bec59a%22" target="_blank">org.gagravarr:vorbis-java-tika:0.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l366_63a21ebc981131004ad02e0434e799fd7f3a8d5a"></a>hamcrest-all-1.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    QDox is a high speed, small footprint parser for extracting class/interface/method definitions from source files
    complete with JavaDoc @tags. It is designed to be used by active code generators or documentation tools.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hamcrest\hamcrest-all\1.3\63a21ebc981131004ad02e0434e799fd7f3a8d5a\hamcrest-all-1.3.jar<br/>
                            <b>MD5:</b>&nbsp;ae5102286b5720dd286d6b606cb891e2<br/>
                            <b>SHA1:</b>&nbsp;63a21ebc981131004ad02e0434e799fd7f3a8d5a
                                                                                </p>
                                                <h4 id="header803" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content803" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hamcrest-all</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hamcrest</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hamcrest-all-1.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>built-date</td><td>2012-07-09 19:49:34</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>hamcrest-all</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>hamcrest.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>qdox</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> QDox is a high speed, small footprint parser for extracting class/interface/method definitions from source files complete with JavaDoc @tags. It is designed to be used by active code generators or documentation tools. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>thoughtworks.qdox</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>QDox</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://qdox.codehaus.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.12</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                <h4 id="header804" class="subsectionheader white">Identifiers</h4>
                                                <div id="content804" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;com.thoughtworks.qdox:qdox:1.12
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar" target="_blank">org.hamcrest:hamcrest-all:1.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l367_860340562250678d1a344907ac75754e259cdb14"></a>hamcrest-core-1.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hamcrest\hamcrest-core\1.1\860340562250678d1a344907ac75754e259cdb14\hamcrest-core-1.1.jar<br/>
                            <b>MD5:</b>&nbsp;b66d0c48e1f1dc54d4227db52512c15b<br/>
                            <b>SHA1:</b>&nbsp;860340562250678d1a344907ac75754e259cdb14
                                                                                </p>
                                                <h4 id="header805" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content805" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hamcrest-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hamcrest</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hamcrest-core-1.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hamcrest</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hamcrest-core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>hamcrest</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Hamcrest Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hamcrest-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.hamcrest</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header806" class="subsectionheader white">Identifiers</h4>
                                                <div id="content806" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22860340562250678d1a344907ac75754e259cdb14%22" target="_blank">org.hamcrest:hamcrest-core:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l368_42a25dc3219429f0e5d060061f71acb49bf010a0"></a>hamcrest-core-1.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.
  <br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hamcrest\hamcrest-core\1.3\42a25dc3219429f0e5d060061f71acb49bf010a0\hamcrest-core-1.3.jar<br/>
                            <b>MD5:</b>&nbsp;6393363b47ddcbba82321110c3e07519<br/>
                            <b>SHA1:</b>&nbsp;42a25dc3219429f0e5d060061f71acb49bf010a0
                                                                                </p>
                                                <h4 id="header807" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content807" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hamcrest-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hamcrest</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hamcrest-core-1.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hamcrest</td></tr>
                                                                    <tr><td>Manifest</td><td>built-date</td><td>2012-07-09 19:49:34</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>hamcrest-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>hamcrest.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hamcrest-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>hamcrest</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Hamcrest Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>hamcrest-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.hamcrest</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header808" class="subsectionheader white">Identifiers</h4>
                                                <div id="content808" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar" target="_blank">org.hamcrest:hamcrest-core:1.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l369_f502b2c96c95e087435c79d3d6c9aa85bb1154bc"></a>ejb3-persistence-1.0.1.GA.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java Persistence API<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hibernate\ejb3-persistence\1.0.1.GA\f502b2c96c95e087435c79d3d6c9aa85bb1154bc\ejb3-persistence-1.0.1.GA.jar<br/>
                            <b>MD5:</b>&nbsp;d46c8f0555d95027269259dd04f6b10c<br/>
                            <b>SHA1:</b>&nbsp;f502b2c96c95e087435c79d3d6c9aa85bb1154bc
                                                                                </p>
                                                <h4 id="header809" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content809" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>ejb3-persistence</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hibernate</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1.GA</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>ejb3-persistence-1.0.1.GA</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>persistence</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>EJB</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>hibernate.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.0 Final Release (1.0.1.GA) March 14 2008</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>EJB 3.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Sun Microsystems, Inc.</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>ejb3-persistence</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java Persistence API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>hibernate</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java Persistence API</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.hibernate.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1.GA</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header810" class="subsectionheader white">Identifiers</h4>
                                                <div id="content810" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hibernate/ejb3-persistence/1.0.1.GA/ejb3-persistence-1.0.1.GA.jar" target="_blank">org.hibernate:ejb3-persistence:1.0.1.GA</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l370_2083b277c76037253189d17e68ba86d2da478440"></a>hibernate-annotations-3.3.1.GA.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Annotations metadata for Hibernate<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">GNU LESSER GENERAL PUBLIC LICENSE: http://www.gnu.org/licenses/lgpl.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hibernate\hibernate-annotations\3.3.1.GA\2083b277c76037253189d17e68ba86d2da478440\hibernate-annotations-3.3.1.GA.jar<br/>
                            <b>MD5:</b>&nbsp;ac93aaf6dad9f72e1ca73eb4069b4cd0<br/>
                            <b>SHA1:</b>&nbsp;2083b277c76037253189d17e68ba86d2da478440
                                                                                </p>
                                                <h4 id="header811" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content811" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hibernate-annotations</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hibernate</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3.1.GA</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hibernate-annotations-3.3.1.GA</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>annotations</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hibernate</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Hibernate Annotations</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://annotations.hibernate.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>hibernate.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>hibernate.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.3.1.GA</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Java Persistence</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>jcp.org</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hibernate-annotations</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Annotations metadata for Hibernate</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>hibernate</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Hibernate Annotations</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://annotations.hibernate.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.3.1.GA</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header812" class="subsectionheader white">Identifiers</h4>
                                                <div id="content812" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate-annotations/3.3.1.GA/hibernate-annotations-3.3.1.GA.jar" target="_blank">org.hibernate:hibernate-annotations:3.3.1.GA</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l371_c8f53732fe3b75935f0550bdc3ba92bc9345360f"></a>hibernate-commons-annotations-3.0.0.ga.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Hibernate Commons Annotations is a utility project used by annotations based Hibernate sub-projects.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">GNU LESSER GENERAL PUBLIC LICENSE: http://www.gnu.org/licenses/lgpl.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hibernate\hibernate-commons-annotations\3.0.0.ga\c8f53732fe3b75935f0550bdc3ba92bc9345360f\hibernate-commons-annotations-3.0.0.ga.jar<br/>
                            <b>MD5:</b>&nbsp;1ccefbe43fedffc16835ceb1a777d199<br/>
                            <b>SHA1:</b>&nbsp;c8f53732fe3b75935f0550bdc3ba92bc9345360f
                                                                                </p>
                                                <h4 id="header813" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content813" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hibernate-commons-annotations</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hibernate</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.0.ga</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3.0.ga</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hibernate-commons-annotations-3.0.0.ga</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>annotations</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>common</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hibernate</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>reflection</td></tr>
                                                                    <tr><td>Manifest</td><td>product</td><td>Hibernate Commons Annotations</td></tr>
                                                                    <tr><td>Manifest</td><td>version</td><td>3.0.0.GA</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hibernate-commons-annotations</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Hibernate Commons Annotations is a utility project used by annotations based Hibernate sub-projects.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>hibernate</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Hibernate Commons Annotations</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.0.ga</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                <h4 id="header814" class="subsectionheader white">Identifiers</h4>
                                                <div id="content814" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate-commons-annotations/3.0.0.ga/hibernate-commons-annotations-3.0.0.ga.jar" target="_blank">org.hibernate:hibernate-commons-annotations:3.0.0.ga</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate-commons-annotations/3.3.0.ga/hibernate-commons-annotations-3.3.0.ga.jar" target="_blank">org.hibernate:hibernate-commons-annotations:3.3.0.ga</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l372_dd982c3d5c28c956aa4fa9112258cb3013606ddd"></a>hibernate-3.2.6.ga.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Relational Persistence for Java<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">GNU LESSER GENERAL PUBLIC LICENSE: http://www.gnu.org/licenses/lgpl.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.hibernate\hibernate\3.2.6.ga\dd982c3d5c28c956aa4fa9112258cb3013606ddd\hibernate-3.2.6.ga.jar<br/>
                            <b>MD5:</b>&nbsp;5fc853b674c28384719ad7f846ea4dce<br/>
                            <b>SHA1:</b>&nbsp;dd982c3d5c28c956aa4fa9112258cb3013606ddd
                                                                                </p>
                                                <h4 id="header815" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content815" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>hibernate</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.hibernate</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.2.6.ga</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>hibernate-3.2.6.ga</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.2.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>hibernate</td></tr>
                                                                    <tr><td>Manifest</td><td>hibernate-version</td><td>3.2.6.ga</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Hibernate3</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>hibernate.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.2.6.ga</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>hibernate</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Relational Persistence for Java</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>hibernate</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Hibernate</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.jboss.com
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.hibernate.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.2.6.ga</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header816" class="subsectionheader white">Identifiers</h4>
                                                <div id="content816" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/hibernate/hibernate/3.2.6.ga/hibernate-3.2.6.ga.jar" target="_blank">org.hibernate:hibernate:3.2.6.ga</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l373_1d6851b0970de19593e8cdcbf7e593ca5c2db324"></a>inspektr-core-0.7.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Inspektr Core<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.inspektr\inspektr-core\0.7.0\1d6851b0970de19593e8cdcbf7e593ca5c2db324\inspektr-core-0.7.0.jar<br/>
                            <b>MD5:</b>&nbsp;36528ac75d74ab43a13aad6055146d60<br/>
                            <b>SHA1:</b>&nbsp;1d6851b0970de19593e8cdcbf7e593ca5c2db324
                                                                                </p>
                                                <h4 id="header817" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content817" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>inspektr-core-0.7.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.7.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Inspektr Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.inspektr</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>0.7.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>inspektr-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Inspektr Core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>inspektr</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Inspektr Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>inspektr</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.inspektr</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.7.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header818" class="subsectionheader white">Identifiers</h4>
                                                <div id="content818" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.inspektr:inspektr-core:0.7.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l374_47ca95f71e3ccae756c4a24354d48069c58f475c"></a>bzip2-0.9.1.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;jbzip2 is a Java bzip2 compression/decompression library. It can be used as a replacement for the Apache CBZip2InputStream / CBZip2OutputStream classes.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">MIT License (MIT): http://opensource.org/licenses/mit-license.php</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.itadaki\bzip2\0.9.1\47ca95f71e3ccae756c4a24354d48069c58f475c\bzip2-0.9.1.jar<br/>
                            <b>MD5:</b>&nbsp;ddd5eb3a035655cbbb536e9b86907a00<br/>
                            <b>SHA1:</b>&nbsp;47ca95f71e3ccae756c4a24354d48069c58f475c
                                                                                </p>
                                                <h4 id="header819" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content819" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>bzip2</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.itadaki</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.9.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>bzip2-0.9.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.9.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>bzip2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>itadaki</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>bzip2</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>jbzip2 is a Java bzip2 compression/decompression library. It can be used as a replacement for the Apache CBZip2InputStream / CBZip2OutputStream classes.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>itadaki</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Itadaki jbzip2</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://code.google.com/p/jbzip2/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.9.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header820" class="subsectionheader white">Identifiers</h4>
                                                <div id="content820" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2" target="_blank">cpe:/a:bzip:bzip2:0.9.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('bzip2-0.9.1.jar', '47ca95f71e3ccae756c4a24354d48069c58f475c', 'cpe', 'cpe:/a:bzip:bzip2:0.9.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2247ca95f71e3ccae756c4a24354d48069c58f475c%22" target="_blank">org.itadaki:bzip2:0.9.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header821" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content821" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4089">CVE-2011-4089</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('bzip2-0.9.1.jar', '47ca95f71e3ccae756c4a24354d48069c58f475c', 'cve', 'CVE-2011-4089')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862</a></li>
                                                                            <li>EXPLOIT-DB - <a target="_blank" href="http://www.exploit-db.com/exploits/18147">18147</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2011/Oct/804">20111025 Re: Symlink vulnerabilities</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2011/10/28/16">[oss-security] 20111028 Re: Request for CVE Identifier: bzexe insecure	temporary  file</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1308-1">USN-1308-1</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs307', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs307"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.4">cpe:/a:bzip:bzip2:1.0.4</a>  and all previous versions</li>
                                    <li class="vs307">...</li>
                                                                    <li class="vs307 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0">cpe:/a:bzip:bzip2:1.0</a> </li>
                                                                    <li class="vs307 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.1">cpe:/a:bzip:bzip2:1.0.1</a> </li>
                                                                    <li class="vs307 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.2">cpe:/a:bzip:bzip2:1.0.2</a> </li>
                                                                    <li class="vs307 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.3">cpe:/a:bzip:bzip2:1.0.3</a> </li>
                                                                    <li class="vs307 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.4">cpe:/a:bzip:bzip2:1.0.4</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0405">CVE-2010-0405</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('bzip2-0.9.1.jar', '47ca95f71e3ccae756c4a24354d48069c58f475c', 'cve', 'CVE-2010-0405')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-189 Numeric Errors
                            </p>
                            <p>Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html">APPLE-SA-2011-03-21-1</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/515055/100/0/threaded">20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow">http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3">http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.apple.com/kb/HT4581">http://support.apple.com/kb/HT4581</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.bzip.org/">http://www.bzip.org/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.vmware.com/security/advisories/VMSA-2010-0019.html">http://www.vmware.com/security/advisories/VMSA-2010-0019.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/">http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=627882">https://bugzilla.redhat.com/show_bug.cgi?id=627882</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230">https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231">https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html">FEDORA-2010-1512</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html">FEDORA-2010-17439</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="http://security.gentoo.org/glsa/glsa-201301-05.xml">GLSA-201301-05</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://marc.info/?l=oss-security&amp;m=128506868510655&amp;w=2">[oss-security] 20100921 bzip2 CVE-2010-0405 integer overflow</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0703.html">RHSA-2010:0703</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2010-0858.html">RHSA-2010:0858</a></li>
                                                                            <li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html">SUSE-SR:2010:018</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/usn-986-1">USN-986-1</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-986-2">USN-986-2</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-986-3">USN-986-3</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/2455">ADV-2010-2455</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/3043">ADV-2010-3043</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/3052">ADV-2010-3052</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/3073">ADV-2010-3073</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/3126">ADV-2010-3126</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2010/3127">ADV-2010-3127</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs308', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs308"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.5">cpe:/a:bzip:bzip2:1.0.5</a>  and all previous versions</li>
                                    <li class="vs308">...</li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9">cpe:/a:bzip:bzip2:0.9</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.0">cpe:/a:bzip:bzip2:0.9.0</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.0a">cpe:/a:bzip:bzip2:0.9.0a</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.0b">cpe:/a:bzip:bzip2:0.9.0b</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.0c">cpe:/a:bzip:bzip2:0.9.0c</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5_a">cpe:/a:bzip:bzip2:0.9.5_a</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5_b">cpe:/a:bzip:bzip2:0.9.5_b</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5_c">cpe:/a:bzip:bzip2:0.9.5_c</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5_d">cpe:/a:bzip:bzip2:0.9.5_d</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5a">cpe:/a:bzip:bzip2:0.9.5a</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5b">cpe:/a:bzip:bzip2:0.9.5b</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5c">cpe:/a:bzip:bzip2:0.9.5c</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9.5d">cpe:/a:bzip:bzip2:0.9.5d</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9_a">cpe:/a:bzip:bzip2:0.9_a</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9_b">cpe:/a:bzip:bzip2:0.9_b</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A0.9_c">cpe:/a:bzip:bzip2:0.9_c</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0">cpe:/a:bzip:bzip2:1.0</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.1">cpe:/a:bzip:bzip2:1.0.1</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.2">cpe:/a:bzip:bzip2:1.0.2</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.3">cpe:/a:bzip:bzip2:1.0.3</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.4">cpe:/a:bzip:bzip2:1.0.4</a> </li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2%3A1.0.5">cpe:/a:bzip:bzip2:1.0.5</a>  and all previous versions</li>
                                                                    <li class="vs308 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Alibzip2%3Alibzip2%3A1.0.5">cpe:/a:libzip2:libzip2:1.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1260">CVE-2005-1260</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('bzip2-0.9.1.jar', '47ca95f71e3ccae756c4a24354d48069c58f475c', 'cve', 'CVE-2005-1260')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
                            </p>
                            <p>bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a &quot;decompression bomb&quot;).
                                                                    <ul>
                                                                            <li>APPLE - <a target="_blank" href="http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html">APPLE-SA-2007-11-14</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/13657">13657</a></li>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/26444">26444</a></li>
                                                                            <li>CERT - <a target="_blank" href="http://www.us-cert.gov/cas/techalerts/TA07-319A.html">TA07-319A</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.info.apple.com/article.html?artnum=307041">http://docs.info.apple.com/article.html?artnum=307041</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2005/dsa-741">DSA-741</a></li>
                                                                            <li>FEDORA - <a target="_blank" href="http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html">FLSA:158801</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2005-474.html">RHSA-2005:474</a></li>
                                                                            <li>SGI - <a target="_blank" href="ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc">20060301-01-U</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-103118-1">103118</a></li>
                                                                            <li>SUNALERT - <a target="_blank" href="http://sunsolve.sun.com/search/document.do?assetkey=1-66-200191-1">200191</a></li>
                                                                            <li>UBUNTU - <a target="_blank" href="http://www.ubuntulinux.org/support/documentation/usn/usn-127-1">USN-127-1</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3525">ADV-2007-3525</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2007/3868">ADV-2007-3868</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:<ul>
                                    <li class="vs309"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Abzip%3Abzip2">cpe:/a:bzip:bzip2</a> </li>
                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l375_0c47163c27b1a7617af14182c168d2b5b54cdd66"></a>cas-server-core-3.3.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;CAS core<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jasig.cas\cas-server-core\3.3.5\c47163c27b1a7617af14182c168d2b5b54cdd66\cas-server-core-3.3.5.jar<br/>
                            <b>MD5:</b>&nbsp;14e8ad0fdfb00b8213bfdd2c36304e59<br/>
                            <b>SHA1:</b>&nbsp;0c47163c27b1a7617af14182c168d2b5b54cdd66
                                                                                </p>
                                                <h4 id="header822" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content822" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>cas-server-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.jasig.cas</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.3.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>cas-server-core-3.3.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.3.5</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>JA-SIG CAS Core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Java Architectures Special Interest Group</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.jasig.cas</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>3.3.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>cas-server-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>CAS core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jasig.cas</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JA-SIG CAS Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>cas-server</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.jasig.cas</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.3.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header823" class="subsectionheader white">Identifiers</h4>
                                                <div id="content823" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%220c47163c27b1a7617af14182c168d2b5b54cdd66%22" target="_blank">org.jasig.cas:cas-server-core:3.3.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l376_a2f4804d335d3cfe6a4bb3407dcf9fb88d396700"></a>person-directory-api-1.5.0-RC5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Provides a general interface for accessing attributes for a person.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jasig.service\person-directory-api\1.5.0-RC5\a2f4804d335d3cfe6a4bb3407dcf9fb88d396700\person-directory-api-1.5.0-RC5.jar<br/>
                            <b>MD5:</b>&nbsp;342160c7a8e7d47a934fc442503f219b<br/>
                            <b>SHA1:</b>&nbsp;a2f4804d335d3cfe6a4bb3407dcf9fb88d396700
                                                                                </p>
                                                <h4 id="header824" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content824" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>person-directory-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.jasig.service</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.0-RC5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>person-directory-api-1.5.0-RC5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.0.rc5</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Person Directory API</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Jasig</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.jasig.service</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.0-RC5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Person Directory API</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Jasig</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>person-directory-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Provides a general interface for accessing attributes for a person.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jasig.service</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Person Directory API</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>person-directory-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.jasig.service</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.0-RC5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header825" class="subsectionheader white">Identifiers</h4>
                                                <div id="content825" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22a2f4804d335d3cfe6a4bb3407dcf9fb88d396700%22" target="_blank">org.jasig.service:person-directory-api:1.5.0-RC5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l377_512831d6195409f9de30bcd06e1a3ce31fc4304f"></a>person-directory-impl-1.5.0-RC5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Provides implementations of the Person Directory API that have the capability of aggregating attributes from multiple data sources into a single view.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jasig.service\person-directory-impl\1.5.0-RC5\512831d6195409f9de30bcd06e1a3ce31fc4304f\person-directory-impl-1.5.0-RC5.jar<br/>
                            <b>MD5:</b>&nbsp;05082275b6865cad22812017040483e2<br/>
                            <b>SHA1:</b>&nbsp;512831d6195409f9de30bcd06e1a3ce31fc4304f
                                                                                </p>
                                                <h4 id="header826" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content826" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>person-directory-impl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.jasig.service</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5.0-RC5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>person-directory-impl-1.5.0-RC5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5.0.rc5</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Person Directory Implementations</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Jasig</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.jasig.service</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5.0-RC5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>Person Directory Implementations</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Jasig</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>person-directory-impl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Provides implementations of the Person Directory API that have the capability of aggregating attributes from multiple data sources into a single view.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jasig.service</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Person Directory Implementations</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>person-directory-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.jasig.service</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5.0-RC5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header827" class="subsectionheader white">Identifiers</h4>
                                                <div id="content827" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22512831d6195409f9de30bcd06e1a3ce31fc4304f%22" target="_blank">org.jasig.service:person-directory-impl:1.5.0-RC5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l378_32e7389479349a9d30cab805d83486b1e865aeaa"></a>com.springsource.org.jdom-1.0.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jdom\com.springsource.org.jdom\1.0.0\32e7389479349a9d30cab805d83486b1e865aeaa\com.springsource.org.jdom-1.0.0.jar<br/>
                            <b>MD5:</b>&nbsp;9741e6528d37b38ac5c953f3d1892aa4<br/>
                            <b>SHA1:</b>&nbsp;32e7389479349a9d30cab805d83486b1e865aeaa
                                                                                </p>
                                                <h4 id="header828" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content828" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>com.springsource.org.jdom-1.0.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jdom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>JDOM DOM Processor</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>com.springsource.org.jdom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.0.0</td></tr>
                                                            </table>
                        </div>
                                                                        <h4 id="header829" class="subsectionheader white">Identifiers</h4>
                                                <div id="content829" class="subsectioncontent standardsubsection">
                                                    <ul><li><b>None</b></li></ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l379_4b65e55cc61b34bc634b25f0359d1242e4c519de"></a>jdom2-2.0.4.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
		A complete, Java-based solution for accessing, manipulating,
		and outputting XML data
	<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jdom\jdom2\2.0.4\4b65e55cc61b34bc634b25f0359d1242e4c519de\jdom2-2.0.4.jar<br/>
                            <b>MD5:</b>&nbsp;e51c9485a3a38525a7df4bd25a05dec6<br/>
                            <b>SHA1:</b>&nbsp;4b65e55cc61b34bc634b25f0359d1242e4c519de
                                                                                </p>
                                                <h4 id="header830" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content830" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jdom2</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.jdom</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.4</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jdom2-2.0.4</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.4</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jdom2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Implementation-Title</td><td>org.jdom2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Specification-Title</td><td>JDOM Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Implementation-Title</td><td>org.jdom2.adapters</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Specification-Title</td><td>JDOM Adapter Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Implementation-Title</td><td>org.jdom2.filter</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Specification-Title</td><td>JDOM Filter Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Implementation-Title</td><td>org.jdom2.input</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Specification-Title</td><td>JDOM Input Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Implementation-Title</td><td>org.jdom2.output</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Specification-Title</td><td>JDOM Output Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Implementation-Title</td><td>org.jdom2.transform</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Specification-Title</td><td>JDOM Transformation Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Implementation-Title</td><td>org.jdom2.xpath</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Implementation-Version</td><td>2.0.4</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Specification-Title</td><td>JDOM XPath Classes</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jdom2</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
		A complete, Java-based solution for accessing, manipulating,
		and outputting XML data
	</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jdom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JDOM</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.jdom.org
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.jdom.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0.4</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header831" class="subsectionheader white">Identifiers</h4>
                                                <div id="content831" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/jdom/jdom2/2.0.4/jdom2-2.0.4.jar" target="_blank">org.jdom:jdom2:2.0.4</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l380_d06c71e0df0ac4b94deb737718580ccce22d92e8"></a>jdom-2.0.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
		A complete, Java-based solution for accessing, manipulating,
		and outputting XML data
	<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jdom\jdom\2.0.2\d06c71e0df0ac4b94deb737718580ccce22d92e8\jdom-2.0.2.jar<br/>
                            <b>MD5:</b>&nbsp;f2ce377fffc36a069117c578c14139ba<br/>
                            <b>SHA1:</b>&nbsp;d06c71e0df0ac4b94deb737718580ccce22d92e8
                                                                                </p>
                                                <h4 id="header832" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content832" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jdom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.jdom</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jdom-2.0.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jdom2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Implementation-Title</td><td>org.jdom2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/</td><td>Specification-Title</td><td>JDOM Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Implementation-Title</td><td>org.jdom2.adapters</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/adapters/</td><td>Specification-Title</td><td>JDOM Adapter Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Implementation-Title</td><td>org.jdom2.filter</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/filter/</td><td>Specification-Title</td><td>JDOM Filter Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Implementation-Title</td><td>org.jdom2.input</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/input/</td><td>Specification-Title</td><td>JDOM Input Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Implementation-Title</td><td>org.jdom2.output</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/output/</td><td>Specification-Title</td><td>JDOM Output Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Implementation-Title</td><td>org.jdom2.transform</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/transform/</td><td>Specification-Title</td><td>JDOM Transformation Classes</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Implementation-Title</td><td>org.jdom2.xpath</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Implementation-Vendor</td><td>jdom.org</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/jdom2/xpath/</td><td>Specification-Title</td><td>JDOM XPath Classes</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jdom</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>
		A complete, Java-based solution for accessing, manipulating,
		and outputting XML data
	</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jdom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JDOM</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.jdom.org
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.jdom.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header833" class="subsectionheader white">Identifiers</h4>
                                                <div id="content833" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/jdom/jdom/2.0.2/jdom-2.0.2.jar" target="_blank">org.jdom:jdom:2.0.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l381_d1ffca6e2482b002702c6a576166fd685e3370e3"></a>json-20140107.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
		JSON is a light-weight, language independent, data interchange format.
		See http://www.JSON.org/

		The files in this package implement JSON encoders/decoders in Java.
		It also includes the capability to convert between JSON and XML, HTTP
		headers, Cookies, and CDL.

		This is a reference implementation. There is a large number of JSON packages
		in Java. Perhaps someday the Java community will standardize on one. Until
		then, choose carefully.

		The license includes this restriction: &quot;The software shall be used for good,
		not evil.&quot; If your conscience cannot live with that, then choose a different
		package.

		The package compiles on Java 1.2 thru Java 1.4.
	<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The JSON License: http://json.org/license.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.json\json\20140107\d1ffca6e2482b002702c6a576166fd685e3370e3\json-20140107.jar<br/>
                            <b>MD5:</b>&nbsp;8ca2437d3dbbaa2e76195adedfd901f4<br/>
                            <b>SHA1:</b>&nbsp;d1ffca6e2482b002702c6a576166fd685e3370e3
                                                                                </p>
                                                <h4 id="header834" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content834" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>json</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.json</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>20140107</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>20140107</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>json-20140107</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>json</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>json</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/ The files in this package implement JSON encoders/decoders in Java. It also includes the capability to convert between JSON and XML, HTTP headers, Cookies, and CDL. This is a reference implementation. There is a large number of JSON packages in Java. Perhaps someday the Java community will standardize on one. Until then, choose carefully. The license includes this restriction: &quot;The software shall be used for good, not evil.&quot; If your conscience cannot live with that, then choose a different package. The package compiles on Java 1.2 thru Java 1.4. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>json</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JSON in Java</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/douglascrockford/JSON-java</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>20140107</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header835" class="subsectionheader white">Identifiers</h4>
                                                <div id="content835" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22d1ffca6e2482b002702c6a576166fd685e3370e3%22" target="_blank">org.json:json:20140107</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l382_65fd012581ded67bc20945d85c32b4598c3a9cf1"></a>jsoup-1.8.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;jsoup HTML parser<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The MIT License: http://jsoup.org/license</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.jsoup\jsoup\1.8.3\65fd012581ded67bc20945d85c32b4598c3a9cf1\jsoup-1.8.3.jar<br/>
                            <b>MD5:</b>&nbsp;80adb5b301ed840a4b6db97abc02a8b0<br/>
                            <b>SHA1:</b>&nbsp;65fd012581ded67bc20945d85c32b4598c3a9cf1
                                                                                </p>
                                                <h4 id="header836" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content836" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jsoup</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.jsoup</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.8.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jsoup-1.8.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.8.3</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>jsoup HTML parser</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://jsoup.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>jsoup</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.jsoup</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.8.3</td></tr>
                                                                    <tr><td>Manifest</td><td>originally-created-by</td><td>1.8.0_25 (Oracle Corporation)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jsoup</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>jsoup HTML parser</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>jsoup</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>jsoup</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://jonathanhedley.com/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jsoup.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.8.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header837" class="subsectionheader white">Identifiers</h4>
                                                <div id="content837" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2265fd012581ded67bc20945d85c32b4598c3a9cf1%22" target="_blank">org.jsoup:jsoup:1.8.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l383_21b15310bddcfd8c72611c180f20cf23279809a3"></a>spatial4j-0.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;
    Spatial4j is a general purpose spatial / geospatial ASL licensed open-source Java library. It's
    core capabilities are 3-fold: to provide common geospatially-aware shapes, to provide distance
    calculations and other math, and to read shape formats like WKT and GeoJSON.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.locationtech.spatial4j\spatial4j\0.6\21b15310bddcfd8c72611c180f20cf23279809a3\spatial4j-0.6.jar<br/>
                            <b>MD5:</b>&nbsp;baaffe1b4800337f0856c6160c255c35<br/>
                            <b>SHA1:</b>&nbsp;21b15310bddcfd8c72611c180f20cf23279809a3
                                                                                </p>
                                                <h4 id="header838" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content838" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spatial4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.locationtech.spatial4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spatial4j-0.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Spatial4j is a general purpose spatial / geospatial ASL licensed open-source Java library. It's core capabilities are 3-fold: to provide common geospatially-aware shapes, to provide distance calculations and other math, and to read shape formats ...</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.locationtech.org/</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spatial4J</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.locationtech.spatial4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>0.6.0</td></tr>
                                                                    <tr><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spatial4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> Spatial4j is a general purpose spatial / geospatial ASL licensed open-source Java library. It's core capabilities are 3-fold: to provide common geospatially-aware shapes, to provide distance calculations and other math, and to read shape formats ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>locationtech.spatial4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spatial4J</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.locationtech.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.locationtech.org/projects/locationtech.spatial4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header839" class="subsectionheader white">Identifiers</h4>
                                                <div id="content839" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2221b15310bddcfd8c72611c180f20cf23279809a3%22" target="_blank">org.locationtech.spatial4j:spatial4j:0.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l384_b7d59dc172005598b55699b1a75605b13c14f1fd"></a>flute-1.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.milyn\flute\1.3\b7d59dc172005598b55699b1a75605b13c14f1fd\flute-1.3.jar<br/>
                            <b>MD5:</b>&nbsp;2f2e13cd3523c545dd1c4617b373692c<br/>
                            <b>SHA1:</b>&nbsp;b7d59dc172005598b55699b1a75605b13c14f1fd
                                                                                </p>
                                                <h4 id="header840" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content840" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>flute</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>milyn</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.milyn</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>flute-1.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>flute</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>parser</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>selectors</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>flute</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>milyn</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Flute</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                <h4 id="header841" class="subsectionheader white">Identifiers</h4>
                                                <div id="content841" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22b7d59dc172005598b55699b1a75605b13c14f1fd%22" target="_blank">milyn:flute:1.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/milyn/flute/1.3/flute-1.3.jar" target="_blank">org.milyn:flute:1.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l385_fa94a59c44b39ee710f3c9451750119e432326c0"></a>noggit-0.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Noggit is the world's fastest streaming JSON parser for Java.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.noggit\noggit\0.6\fa94a59c44b39ee710f3c9451750119e432326c0\noggit-0.6.jar<br/>
                            <b>MD5:</b>&nbsp;9440bd2e9201f69b7967832de17e068c<br/>
                            <b>SHA1:</b>&nbsp;fa94a59c44b39ee710f3c9451750119e432326c0
                                                                                </p>
                                                <h4 id="header842" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content842" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>noggit</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.noggit</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>noggit-0.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>0.6</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>noggit</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>noggit</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Noggit is the world's fastest streaming JSON parser for Java.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>noggit</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Noggit</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://github.com/yonik/noggit</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>0.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header843" class="subsectionheader white">Identifiers</h4>
                                                <div id="content843" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22fa94a59c44b39ee710f3c9451750119e432326c0%22" target="_blank">org.noggit:noggit:0.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l386_0a04e0f361627fb33a140b5aa4c019741f905577"></a>geoapi-3.0.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;

The development community in building GIS solutions is sustaining an enormous level
 of effort. The GeoAPI project aims to reduce duplication and increase interoperability
 by providing neutral, interface-only APIs derived from OGC/ISO Standards.
  <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">https://geoapi.svn.sourceforge.net/svnroot/geoapi/branches/3.0.x/LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.opengis\geoapi\3.0.0\a04e0f361627fb33a140b5aa4c019741f905577\geoapi-3.0.0.jar<br/>
                            <b>MD5:</b>&nbsp;97b6baee0cf3402e8360203bf6c23b3f<br/>
                            <b>SHA1:</b>&nbsp;0a04e0f361627fb33a140b5aa4c019741f905577
                                                                                </p>
                                                <h4 id="header844" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content844" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>geoapi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.opengis</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>3.0.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>geoapi-3.0.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>3.0.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The development community in building GIS solutions is sustaining an enormous level of effort. The GeoAPI project aims to reduce duplication and increase interoperability by providing neutral, interface-only APIs derived from OGC/ISO Standards.</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.geoapi.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.opengis.geoapi</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>3.0.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>GeoAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Open Geospatial Consortium</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-version</td><td>Specification-Version</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>geoapi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The development community in building GIS solutions is sustaining an enormous level of effort. The GeoAPI project aims to reduce duplication and increase interoperability by providing neutral, interface-only APIs derived from OGC/ISO Standards. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>opengis</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>GeoAPI</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>geoapi-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.opengis</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>3.0.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header845" class="subsectionheader white">Identifiers</h4>
                                                <div id="content845" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%220a04e0f361627fb33a140b5aa4c019741f905577%22" target="_blank">org.opengis:geoapi:3.0.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l387_21ec22368b6baa211a29887e162aa4cf9a8f3c60"></a>opensaml-1.1b.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;
        The OpenSAML-J library provides tools to support developers working with the Security Assertion Markup Language
        (SAML).
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.opensaml\opensaml\1.1b\21ec22368b6baa211a29887e162aa4cf9a8f3c60\opensaml-1.1b.jar<br/>
                            <b>MD5:</b>&nbsp;b540669844849b8d8fad3336edf41dca<br/>
                            <b>SHA1:</b>&nbsp;21ec22368b6baa211a29887e162aa4cf9a8f3c60
                                                                                </p>
                                                <h4 id="header846" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content846" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>opensaml</td></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>opensaml1</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.opensaml</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>opensaml-1.1b</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1b</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>opensaml</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>opensaml1</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td> The OpenSAML-J library provides tools to support developers working with the Security Assertion Markup Language (SAML). </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>opensaml</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>OpenSAML-J</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.internet2.edu/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://opensaml.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                <h4 id="header847" class="subsectionheader white">Identifiers</h4>
                                                <div id="content847" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Ainternet2%3Aopensaml%3A1.1" target="_blank">cpe:/a:internet2:opensaml:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('opensaml-1.1b.jar', '21ec22368b6baa211a29887e162aa4cf9a8f3c60', 'cpe', 'cpe:/a:internet2:opensaml:1.1')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/opensaml/opensaml1/1.1/opensaml1-1.1.jar" target="_blank">org.opensaml:opensaml1:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/opensaml/opensaml/1.1/opensaml-1.1.jar" target="_blank">org.opensaml:opensaml:1.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header848" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content848" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3476">CVE-2009-3476</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('opensaml-1.1b.jar', '21ec22368b6baa211a29887e162aa4cf9a8f3c60', 'cve', 'CVE-2009-3476')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
                                                            <br/>CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
                            </p>
                            <p>Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/36514">36514</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://shibboleth.internet2.edu/secadv/secadv_20090826.txt">http://shibboleth.internet2.edu/secadv/secadv_20090826.txt</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/53471">opensaml-xmltooling-url-bo(53471)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs310', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs310"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Aopensaml%3A1.1">cpe:/a:internet2:opensaml:1.1</a> </li>
                                    <li class="vs310">...</li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Aopensaml%3A1.1">cpe:/a:internet2:opensaml:1.1</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Aopensaml%3A1.1.1">cpe:/a:internet2:opensaml:1.1.1</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A1.3.1">cpe:/a:internet2:shibboleth-sp:1.3.1</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A1.3.2">cpe:/a:internet2:shibboleth-sp:1.3.2</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A1.3.3">cpe:/a:internet2:shibboleth-sp:1.3.3</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A1.3f">cpe:/a:internet2:shibboleth-sp:1.3f</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A2.0">cpe:/a:internet2:shibboleth-sp:2.0</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A2.1">cpe:/a:internet2:shibboleth-sp:2.1</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Ashibboleth-sp%3A2.2">cpe:/a:internet2:shibboleth-sp:2.2</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Axmltooling%3A1.0.1">cpe:/a:internet2:xmltooling:1.0.1</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Axmltooling%3A1.1.0">cpe:/a:internet2:xmltooling:1.1.0</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Axmltooling%3A1.1.1">cpe:/a:internet2:xmltooling:1.1.1</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Axmltooling%3A1.2.0">cpe:/a:internet2:xmltooling:1.2.0</a> </li>
                                                                    <li class="vs310 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Ainternet2%3Axmltooling%3A1.2.1">cpe:/a:internet2:xmltooling:1.2.1</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l388_25d8a575034dd9cfcb375a39b5334f0ba9c8474e"></a>asm-commons-5.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.ow2.asm\asm-commons\5.1\25d8a575034dd9cfcb375a39b5334f0ba9c8474e\asm-commons-5.1.jar<br/>
                            <b>MD5:</b>&nbsp;38839fb32c40f7f70986e9c282de0018<br/>
                            <b>SHA1:</b>&nbsp;25d8a575034dd9cfcb375a39b5334f0ba9c8474e
                                                                                </p>
                                                <h4 id="header849" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content849" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>asm-commons</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.ow2.asm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>asm-commons-5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>5.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>asm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>commons</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>objectweb</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://asm.objectweb.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ASM commons classes</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.commons</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>ASM commons classes</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>France Telecom R&amp;D</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>5.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>asm-commons</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>ow2.asm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ASM Commons</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>asm-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.ow2.asm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header850" class="subsectionheader white">Identifiers</h4>
                                                <div id="content850" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/ow2/asm/asm-commons/5.1/asm-commons-5.1.jar" target="_blank">org.ow2.asm:asm-commons:5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l389_5ef31c4fe953b1fd00b8a88fa1d6820e8785bb45"></a>asm-5.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.ow2.asm\asm\5.1\5ef31c4fe953b1fd00b8a88fa1d6820e8785bb45\asm-5.1.jar<br/>
                            <b>MD5:</b>&nbsp;3770466405f163d6616b65c32e16a3cd<br/>
                            <b>SHA1:</b>&nbsp;5ef31c4fe953b1fd00b8a88fa1d6820e8785bb45
                                                                                </p>
                                                <h4 id="header851" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content851" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>asm</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.ow2.asm</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>5.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>asm-5.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>5.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>asm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>objectweb</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://asm.objectweb.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>ASM</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>5.1</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>ASM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>France Telecom R&amp;D</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>5.1</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>asm</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>ow2.asm</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ASM Core</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>asm-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.ow2.asm</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>5.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header852" class="subsectionheader white">Identifiers</h4>
                                                <div id="content852" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/ow2/asm/asm/5.1/asm-5.1.jar" target="_blank">org.ow2.asm:asm:5.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l390_6bac1ebc43ac3db223f592ce904ac4c2f3ef26e5"></a>antisamy-1.4.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.owasp.antisamy\antisamy\1.4.3\6bac1ebc43ac3db223f592ce904ac4c2f3ef26e5\antisamy-1.4.3.jar<br/>
                            <b>MD5:</b>&nbsp;9c7777853e159535f4d510b4dc0a88a9<br/>
                            <b>SHA1:</b>&nbsp;6bac1ebc43ac3db223f592ce904ac4c2f3ef26e5
                                                                                </p>
                                                <h4 id="header853" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content853" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>antisamy</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.owasp.antisamy</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.4.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>antisamy-1.4.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.4.3</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>OWASP AntiSamy</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Open Web Application Security Project (OWASP)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.owasp.antisamy</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.4.3</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>antisamy</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>owasp.antisamy</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>OWASP AntiSamy</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>antisamy-project</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.owasp.antisamy</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.4.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header854" class="subsectionheader white">Identifiers</h4>
                                                <div id="content854" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%226bac1ebc43ac3db223f592ce904ac4c2f3ef26e5%22" target="_blank">org.owasp.antisamy:antisamy:1.4.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l391_1892f47602b211ec72abc45df93a69c953a7ffba"></a>esapi-2.1.0.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;The Enterprise Security API (ESAPI) project is an OWASP project
        to create simple strong security controls for every web platform.
        Security controls are not simple to build. You can read about the
        hundreds of pitfalls for unwary developers on the OWASP web site. By
        providing developers with a set of strong controls, we aim to
        eliminate some of the complexity of creating secure web applications.
        This can result in significant cost savings across the SDLC.
    <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">BSD: http://www.opensource.org/licenses/bsd-license.php
Creative Commons 3.0 BY-SA: http://creativecommons.org/licenses/by-sa/3.0/</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.owasp.esapi\esapi\2.1.0\1892f47602b211ec72abc45df93a69c953a7ffba\esapi-2.1.0.jar<br/>
                            <b>MD5:</b>&nbsp;8f4181f64e43a73e396ed963cf23e427<br/>
                            <b>SHA1:</b>&nbsp;1892f47602b211ec72abc45df93a69c953a7ffba
                                                                                </p>
                                                <h4 id="header855" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content855" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>esapi</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.owasp.esapi</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.1.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>esapi-2.1.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>ESAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>The Open Web Application Security Project (OWASP)</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.owasp.esapi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.1.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>ESAPI</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>The Open Web Application Security Project (OWASP)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>esapi</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC. </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>owasp.esapi</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>ESAPI</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.owasp.org/index.php
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.esapi.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.1.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header856" class="subsectionheader white">Identifiers</h4>
                                                <div id="content856" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aowasp%3Aenterprise_security_api%3A2.1.0" target="_blank">cpe:/a:owasp:enterprise_security_api:2.1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('esapi-2.1.0.jar', '1892f47602b211ec72abc45df93a69c953a7ffba', 'cpe', 'cpe:/a:owasp:enterprise_security_api:2.1.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%221892f47602b211ec72abc45df93a69c953a7ffba%22" target="_blank">org.owasp.esapi:esapi:2.1.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header857" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content857" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5960">CVE-2013-5960</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('esapi-2.1.0.jar', '1892f47602b211ec72abc45df93a69c953a7ffba', 'cve', 'CVE-2013-5960')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
                                                            <br/>CWE: CWE-310 Cryptographic Issues
                            </p>
                            <p>The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protection mechanisms via an attack against the intended cipher mode in a non-default configuration, a different vulnerability than CVE-2013-5679.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/62415">62415</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://code.google.com/p/owasp-esapi-java/issues/detail?id=306">http://code.google.com/p/owasp-esapi-java/issues/detail?id=306</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/ESAPI-security-bulletin1.pdf">http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/ESAPI-security-bulletin1.pdf</a></li>
                                                                            <li>MLIST - <a target="_blank" href="http://lists.owasp.org/pipermail/esapi-dev/2013-August/002285.html">[esapi-dev] 20130821 ESAPI Java and Authenticated encryption implementation</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs311', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs311"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aowasp%3Aenterprise_security_api%3A2.1.0">cpe:/a:owasp:enterprise_security_api:2.1.0</a> </li>
                                    <li class="vs311">...</li>
                                                                    <li class="vs311 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aowasp%3Aenterprise_security_api%3A2.0">cpe:/a:owasp:enterprise_security_api:2.0</a> </li>
                                                                    <li class="vs311 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aowasp%3Aenterprise_security_api%3A2.0.1">cpe:/a:owasp:enterprise_security_api:2.0.1</a> </li>
                                                                    <li class="vs311 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aowasp%3Aenterprise_security_api%3A2.1.0">cpe:/a:owasp:enterprise_security_api:2.1.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l392_2eb16fce055d5f3c9d65420f6fc4efd3a079a3d8"></a>quartz-2.2.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Enterprise Job Scheduler<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt
Apache Software License, Version 2.0">http://www.apache.org/licenses/LICENSE-2.0.txt
Apache Software License, Version 2.0</a></pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.quartz-scheduler\quartz\2.2.0\2eb16fce055d5f3c9d65420f6fc4efd3a079a3d8\quartz-2.2.0.jar<br/>
                            <b>MD5:</b>&nbsp;56d748f33fa07cb50c86eb72f53141b5<br/>
                            <b>SHA1:</b>&nbsp;2eb16fce055d5f3c9d65420f6fc4efd3a079a3d8
                                                                                </p>
                                                <h4 id="header858" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content858" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>quartz</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.quartz-scheduler</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.2.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>quartz-2.2.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.2.0</td></tr>
                                                                    <tr><td>Manifest</td><td>buildinfo-revision</td><td>2359</td></tr>
                                                                    <tr><td>Manifest</td><td>buildinfo-timestamp</td><td>20130629-140504</td></tr>
                                                                    <tr><td>Manifest</td><td>buildinfo-url</td><td>https://svn.terracotta.org/repo/quartz/tags/quartz-2.2.0</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>Enterprise Job Scheduler</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://www.terracotta.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>quartz</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.quartz-scheduler.quartz</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.2.0</td></tr>
                                                                    <tr><td>manifest</td><td>terracotta-description</td><td>Enterprise Job Scheduler</td></tr>
                                                                    <tr><td>Manifest</td><td>terracotta-name</td><td>quartz</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>quartz</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Enterprise Job Scheduler</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>quartz-scheduler</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>quartz</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>quartz-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.quartz-scheduler</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.2.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header859" class="subsectionheader white">Identifiers</h4>
                                                <div id="content859" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222eb16fce055d5f3c9d65420f6fc4efd3a079a3d8%22" target="_blank">org.quartz-scheduler:quartz:2.2.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l393_9303e20d0397c0304342943560c3a1693fd7ce7d"></a>org.restlet.ext.servlet-2.3.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.restlet.jee\org.restlet.ext.servlet\2.3.0\9303e20d0397c0304342943560c3a1693fd7ce7d\org.restlet.ext.servlet-2.3.0.jar<br/>
                            <b>MD5:</b>&nbsp;e81ab1a31fdd07ac02c576086201b2da<br/>
                            <b>SHA1:</b>&nbsp;9303e20d0397c0304342943560c3a1693fd7ce7d
                                                                                </p>
                                                <h4 id="header860" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content860" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.restlet.ext.servlet-2.3.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.3.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ext</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>internal</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>restlet</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>servlet</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                        <h4 id="header861" class="subsectionheader white">Identifiers</h4>
                                                <div id="content861" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:restlet:restlet:2.3.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.restlet.ext.servlet-2.3.0.jar', '9303e20d0397c0304342943560c3a1693fd7ce7d', 'cpe', 'cpe:/a:restlet:restlet:2.3.0')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l394_4c5d184e23fa729726668a90dc7338d80c4e7e6f"></a>org.restlet-2.3.0.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.restlet.jee\org.restlet\2.3.0\4c5d184e23fa729726668a90dc7338d80c4e7e6f\org.restlet-2.3.0.jar<br/>
                            <b>MD5:</b>&nbsp;33a94f74de95421b4938dfecb0029ab1<br/>
                            <b>SHA1:</b>&nbsp;4c5d184e23fa729726668a90dc7338d80c4e7e6f
                                                                                </p>
                                                <h4 id="header862" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content862" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>file</td><td>name</td><td>org.restlet-2.3.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.3.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>engine</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>restlet</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                        <h4 id="header863" class="subsectionheader white">Identifiers</h4>
                                                <div id="content863" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:restlet:restlet:2.3.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('org.restlet-2.3.0.jar', '4c5d184e23fa729726668a90dc7338d80c4e7e6f', 'cpe', 'cpe:/a:restlet:restlet:2.3.0')">suppress</button>
                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l395_adf11f76e51f057e9d6903dd9a916162620386c9"></a>jug-2.0.0-asl.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
GNU Lesser General Public License v2.1: http://www.gnu.org/licenses/lgpl.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.safehaus.jug\jug\2.0.0\adf11f76e51f057e9d6903dd9a916162620386c9\jug-2.0.0-asl.jar<br/>
                            <b>MD5:</b>&nbsp;fe4231b92c5e4ffdc6ec308a9fd23f6a<br/>
                            <b>SHA1:</b>&nbsp;adf11f76e51f057e9d6903dd9a916162620386c9
                                                                                </p>
                                                <h4 id="header864" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content864" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jug</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.safehaus.jug</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jug-2.0.0-asl</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>safehaus</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>uuid</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Java Uuid/guid Generator</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>www.safehaus.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.0.0</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>UUID specification</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>http://hegel.ittc.ku.edu/topics/internet/internet-drafts/draft-l/draft-leach-uuids-guids-01.txt</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jug</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>safehaus.jug</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Java UUID Generator</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://jug.safehaus.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header865" class="subsectionheader white">Identifiers</h4>
                                                <div id="content865" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>maven:</b>&nbsp;org.safehaus.jug:jug:2.0.0
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGH
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l396_56003dcd0a31deea6391b9e2ef2f2dc90b205a92"></a>jcl-over-slf4j-1.7.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;JCL 1.1.1 implemented over SLF4J<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.slf4j\jcl-over-slf4j\1.7.7\56003dcd0a31deea6391b9e2ef2f2dc90b205a92\jcl-over-slf4j-1.7.7.jar<br/>
                            <b>MD5:</b>&nbsp;32ad130f946ef0460af416397b7fc7b7<br/>
                            <b>SHA1:</b>&nbsp;56003dcd0a31deea6391b9e2ef2f2dc90b205a92
                                                                                </p>
                                                <h4 id="header866" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content866" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jcl-over-slf4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.slf4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jcl-over-slf4j-1.7.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.7</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>JCL 1.1.1 implemented over SLF4J</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>jcl-over-slf4j</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>jcl.over.slf4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.7.7</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>jcl-over-slf4j</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.7.7</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jcl-over-slf4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>JCL 1.1.1 implemented over SLF4J</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>slf4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>JCL 1.1.1 implemented over SLF4J</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.slf4j</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.slf4j.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header867" class="subsectionheader white">Identifiers</h4>
                                                <div id="content867" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%2256003dcd0a31deea6391b9e2ef2f2dc90b205a92%22" target="_blank">org.slf4j:jcl-over-slf4j:1.7.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l397_139535a69a4239db087de9bab0bee568bf8e0b70"></a>slf4j-api-1.7.21.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The slf4j API<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.slf4j\slf4j-api\1.7.21\139535a69a4239db087de9bab0bee568bf8e0b70\slf4j-api-1.7.21.jar<br/>
                            <b>MD5:</b>&nbsp;c9be56284a92dcb2576679282eff80bf<br/>
                            <b>SHA1:</b>&nbsp;139535a69a4239db087de9bab0bee568bf8e0b70
                                                                                </p>
                                                <h4 id="header868" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content868" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>slf4j-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.slf4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.21</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>slf4j-api-1.7.21</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.21</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The slf4j API</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>slf4j-api</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.7.21</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>slf4j-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.7.21</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>slf4j-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The slf4j API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>slf4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>SLF4J API Module</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.slf4j</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.slf4j.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.21</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header869" class="subsectionheader white">Identifiers</h4>
                                                <div id="content869" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22139535a69a4239db087de9bab0bee568bf8e0b70%22" target="_blank">org.slf4j:slf4j-api:1.7.21</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l398_2b8019b6249bb05d81d3a3094e468753e2b21311"></a>slf4j-api-1.7.7.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The slf4j API<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.slf4j\slf4j-api\1.7.7\2b8019b6249bb05d81d3a3094e468753e2b21311\slf4j-api-1.7.7.jar<br/>
                            <b>MD5:</b>&nbsp;ca4280bf93d64367723ae5c8d42dd0b9<br/>
                            <b>SHA1:</b>&nbsp;2b8019b6249bb05d81d3a3094e468753e2b21311
                                                                                </p>
                                                <h4 id="header870" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content870" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>slf4j-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.slf4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.7.7</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>slf4j-api-1.7.7</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.7.7</td></tr>
                                                                    <tr><td>manifest</td><td>Bundle-Description</td><td>The slf4j API</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>slf4j-api</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.api</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.7.7</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>slf4j-api</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.7.7</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>slf4j-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The slf4j API</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>slf4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>SLF4J API Module</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.slf4j</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.slf4j.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.7.7</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header871" class="subsectionheader white">Identifiers</h4>
                                                <div id="content871" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%222b8019b6249bb05d81d3a3094e468753e2b21311%22" target="_blank">org.slf4j:slf4j-api:1.7.7</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l399_449ea46b27426eb846611a90b2fb8b4dcf271191"></a>spring-beans-2.5.6.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: Beans<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-beans\2.5.6\449ea46b27426eb846611a90b2fb8b4dcf271191\spring-beans-2.5.6.jar<br/>
                            <b>MD5:</b>&nbsp;25c0752852205167af8f31a1eb019975<br/>
                            <b>SHA1:</b>&nbsp;449ea46b27426eb846611a90b2fb8b4dcf271191
                                                                                </p>
                                                <h4 id="header872" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content872" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-beans</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-beans-2.5.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>beans</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>factory</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring Beans</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.beans</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-beans</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: Beans</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: Beans</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header873" class="subsectionheader white">Identifiers</h4>
                                                <div id="content873" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6" target="_blank">cpe:/a:springsource:spring_framework:2.5.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-beans/2.5.6/spring-beans-2.5.6.jar" target="_blank">org.springframework:spring-beans:2.5.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header874" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content874" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs312', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs312"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs312">...</li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs312 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs313', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs313"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs313">...</li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs313 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs314', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs314"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs314">...</li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs314 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs315', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs315"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                    <li class="vs315">...</li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs315 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs316', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs316"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs316">...</li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs316 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs317', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs317"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                    <li class="vs317">...</li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs317 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1622">CVE-2010-1622</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-beans-2.5.6.jar', '449ea46b27426eb846611a90b2fb8b4dcf271191', 'cve', 'CVE-2010-1622')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')
                            </p>
                            <p>SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/40954">40954</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/511877">20100618 CVE-2010-1622: Spring Framework execution of arbitrary code</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html">http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://geronimo.apache.org/21x-security-report.html">http://geronimo.apache.org/21x-security-report.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://geronimo.apache.org/22x-security-report.html">http://geronimo.apache.org/22x-security-report.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html">http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.springsource.com/security/cve-2010-1622">http://www.springsource.com/security/cve-2010-1622</a></li>
                                                                            <li>EXPLOIT-DB - <a target="_blank" href="http://www.exploit-db.com/exploits/13918">13918</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://www.redhat.com/support/errata/RHSA-2011-0175.html">RHSA-2011:0175</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1033898">1033898</a></li>
                                                                            <li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2011/0237">ADV-2011-0237</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs318', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs318"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                    <li class="vs318">...</li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Afusion_middleware%3A7.6.2">cpe:/a:oracle:fusion_middleware:7.6.2</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Afusion_middleware%3A11.1.1.6.1">cpe:/a:oracle:fusion_middleware:11.1.1.6.1</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Afusion_middleware%3A11.1.1.8.0">cpe:/a:oracle:fusion_middleware:11.1.1.8.0</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs318 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l400_c2789e5215ed30d4d9e06873097c8bab8ae97109"></a>spring-binding-1.0.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Spring Data Binding Framework<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-binding\1.0.6\c2789e5215ed30d4d9e06873097c8bab8ae97109\spring-binding-1.0.6.jar<br/>
                            <b>MD5:</b>&nbsp;a8bca088c4e5ef2a395b5d784c6aa180<br/>
                            <b>SHA1:</b>&nbsp;c2789e5215ed30d4d9e06873097c8bab8ae97109
                                                                                </p>
                                                <h4 id="header875" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content875" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-binding</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-binding-1.0.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.6</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>binding</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Data Binding</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>springframework.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0.6</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-binding</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Data Binding Framework</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Binding</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header876" class="subsectionheader white">Identifiers</h4>
                                                <div id="content876" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:1.0.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-binding-1.0.6.jar', 'c2789e5215ed30d4d9e06873097c8bab8ae97109', 'cpe', 'cpe:/a:pivotal:spring_framework:1.0.6')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:1.0.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-binding-1.0.6.jar', 'c2789e5215ed30d4d9e06873097c8bab8ae97109', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:1.0.6')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-binding/1.0.6/spring-binding-1.0.6.jar" target="_blank">org.springframework:spring-binding:1.0.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l401_3a88bce8e22a274f116d4fb3dcc936d088fff014"></a>spring-context-support-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: Context Support<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-context-support\2.5.6.SEC01\3a88bce8e22a274f116d4fb3dcc936d088fff014\spring-context-support-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;e3f6c6bd31d9bca3d9c73693ce37f55c<br/>
                            <b>SHA1:</b>&nbsp;3a88bce8e22a274f116d4fb3dcc936d088fff014
                                                                                </p>
                                                <h4 id="header877" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content877" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-context-support</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-context-support-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring Context Support</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.context.support</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-context-support</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: Context Support</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: Context Support</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header878" class="subsectionheader white">Identifiers</h4>
                                                <div id="content878" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-context-support/2.5.6.SEC01/spring-context-support-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-context-support:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header879" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content879" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs319', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs319"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs319">...</li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs319 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs320', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs320"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs320">...</li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs320 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs321', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs321"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs321">...</li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs321 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs322', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs322"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs322">...</li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs322 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs323', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs323"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs323">...</li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs323 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-support-2.5.6.SEC01.jar', '3a88bce8e22a274f116d4fb3dcc936d088fff014', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs324', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs324"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs324">...</li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs324 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l402_030ab3c56aa2ca6d9e4a194a36ac0679df2fd108"></a>spring-context-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: Context<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-context\2.5.6.SEC01\30ab3c56aa2ca6d9e4a194a36ac0679df2fd108\spring-context-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;fc87e3ecd8faa9306fe3657955e35315<br/>
                            <b>SHA1:</b>&nbsp;030ab3c56aa2ca6d9e4a194a36ac0679df2fd108
                                                                                </p>
                                                <h4 id="header880" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content880" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-context</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-context-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring Context</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.context</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-context</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: Context</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: Context</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header881" class="subsectionheader white">Identifiers</h4>
                                                <div id="content881" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-context/2.5.6.SEC01/spring-context-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-context:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header882" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content882" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs325', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs325"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs325">...</li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs325 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs326', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs326"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs326">...</li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs326 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs327', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs327"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs327">...</li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs327 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs328', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs328"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs328">...</li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs328 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs329', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs329"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs329">...</li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs329 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-context-2.5.6.SEC01.jar', '030ab3c56aa2ca6d9e4a194a36ac0679df2fd108', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs330', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs330"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs330">...</li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs330 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l403_3ed00dad7a16b2a28df9348294f6a67151f43cf6"></a>spring-core-4.2.3.RELEASE.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Spring Core<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-core\4.2.3.RELEASE\3ed00dad7a16b2a28df9348294f6a67151f43cf6\spring-core-4.2.3.RELEASE.jar<br/>
                            <b>MD5:</b>&nbsp;d32fdda47ac7d787d10d19c0f1129d6f<br/>
                            <b>SHA1:</b>&nbsp;3ed00dad7a16b2a28df9348294f6a67151f43cf6
                                                                                </p>
                                                <h4 id="header883" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content883" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-core</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.2.3.RELEASE</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-core-4.2.3.RELEASE</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.2.3</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>spring-core</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.2.3.RELEASE</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-core</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Core</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Core</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://projects.spring.io/spring-framework
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/spring-projects/spring-framework</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.2.3.RELEASE</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header884" class="subsectionheader white">Identifiers</h4>
                                                <div id="content884" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:4.2.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-core-4.2.3.RELEASE.jar', '3ed00dad7a16b2a28df9348294f6a67151f43cf6', 'cpe', 'cpe:/a:pivotal:spring_framework:4.2.3')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:4.2.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-core-4.2.3.RELEASE.jar', '3ed00dad7a16b2a28df9348294f6a67151f43cf6', 'cpe', 'cpe:/a:springsource:spring_framework:4.2.3')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:4.2.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-core-4.2.3.RELEASE.jar', '3ed00dad7a16b2a28df9348294f6a67151f43cf6', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:4.2.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-core/4.2.3.RELEASE/spring-core-4.2.3.RELEASE.jar" target="_blank">org.springframework:spring-core:4.2.3.RELEASE</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l404_74f28b32f9678dd3093643a268af767ddfcc337d"></a>spring-jdbc-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: JDBC<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-jdbc\2.5.6.SEC01\74f28b32f9678dd3093643a268af767ddfcc337d\spring-jdbc-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;c07e1949e888106ff976e0d8f3d2d594<br/>
                            <b>SHA1:</b>&nbsp;74f28b32f9678dd3093643a268af767ddfcc337d
                                                                                </p>
                                                <h4 id="header885" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content885" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-jdbc</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-jdbc-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jdbc</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring JDBC</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.jdbc</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-jdbc</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: JDBC</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: JDBC</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header886" class="subsectionheader white">Identifiers</h4>
                                                <div id="content886" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-jdbc/2.5.6.SEC01/spring-jdbc-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-jdbc:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header887" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content887" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs331', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs331"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs331">...</li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs331 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs332', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs332"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs332">...</li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs332 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs333', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs333"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs333">...</li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs333 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs334', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs334"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs334">...</li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs334 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs335', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs335"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs335">...</li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs335 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-jdbc-2.5.6.SEC01.jar', '74f28b32f9678dd3093643a268af767ddfcc337d', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs336', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs336"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs336">...</li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs336 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l405_255bd5a5d6d456792bb928e1cced60755f1fe513"></a>spring-orm-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: ORM<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-orm\2.5.6.SEC01\255bd5a5d6d456792bb928e1cced60755f1fe513\spring-orm-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;cfb974095eb2430ba94a1137a4ee2313<br/>
                            <b>SHA1:</b>&nbsp;255bd5a5d6d456792bb928e1cced60755f1fe513
                                                                                </p>
                                                <h4 id="header888" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content888" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-orm</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-orm-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>orm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring ORM</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.orm</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-orm</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: ORM</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: ORM</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header889" class="subsectionheader white">Identifiers</h4>
                                                <div id="content889" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-orm/2.5.6.SEC01/spring-orm-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-orm:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header890" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content890" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs337', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs337"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs337">...</li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs337 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs338', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs338"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs338">...</li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs338 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs339', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs339"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs339">...</li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs339 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs340', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs340"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs340">...</li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs340 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs341', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs341"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs341">...</li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs341 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-orm-2.5.6.SEC01.jar', '255bd5a5d6d456792bb928e1cced60755f1fe513', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs342', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs342"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs342">...</li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs342 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l406_d7c055b8fb1117ef75045679892228a4816cd80e"></a>spring-test-4.2.3.RELEASE.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Spring TestContext Framework<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-test\4.2.3.RELEASE\d7c055b8fb1117ef75045679892228a4816cd80e\spring-test-4.2.3.RELEASE.jar<br/>
                            <b>MD5:</b>&nbsp;4ec65b45ae6c51ba549b04f1d75aac7c<br/>
                            <b>SHA1:</b>&nbsp;d7c055b8fb1117ef75045679892228a4816cd80e
                                                                                </p>
                                                <h4 id="header891" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content891" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-test</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>4.2.3.RELEASE</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-test-4.2.3.RELEASE</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>4.2.3</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>test</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>web</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>spring-test</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>4.2.3.RELEASE</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-test</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring TestContext Framework</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring TestContext Framework</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://projects.spring.io/spring-framework
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>https://github.com/spring-projects/spring-framework</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>4.2.3.RELEASE</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header892" class="subsectionheader white">Identifiers</h4>
                                                <div id="content892" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:4.2.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-test-4.2.3.RELEASE.jar', 'd7c055b8fb1117ef75045679892228a4816cd80e', 'cpe', 'cpe:/a:pivotal:spring_framework:4.2.3')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:4.2.3
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-test-4.2.3.RELEASE.jar', 'd7c055b8fb1117ef75045679892228a4816cd80e', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:4.2.3')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-test/4.2.3.RELEASE/spring-test-4.2.3.RELEASE.jar" target="_blank">org.springframework:spring-test:4.2.3.RELEASE</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l407_4af6ff118eb394f804fe3a96f3e3f323a5de5ff6"></a>spring-tx-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: Transaction<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-tx\2.5.6.SEC01\4af6ff118eb394f804fe3a96f3e3f323a5de5ff6\spring-tx-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;d3823f3cc0feeb18a6e89a1ff833a08e<br/>
                            <b>SHA1:</b>&nbsp;4af6ff118eb394f804fe3a96f3e3f323a5de5ff6
                                                                                </p>
                                                <h4 id="header893" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content893" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-tx</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-tx-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>transaction</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring Transaction</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.transaction</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-tx</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: Transaction</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: Transaction</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header894" class="subsectionheader white">Identifiers</h4>
                                                <div id="content894" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-tx/2.5.6.SEC01/spring-tx-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-tx:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header895" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content895" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs343', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs343"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs343">...</li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs343 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs344', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs344"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs344">...</li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs344 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs345', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs345"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs345">...</li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs345 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs346', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs346"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs346">...</li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs346 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs347', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs347"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs347">...</li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs347 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-tx-2.5.6.SEC01.jar', '4af6ff118eb394f804fe3a96f3e3f323a5de5ff6', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs348', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs348"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs348">...</li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs348 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l408_6a5711a5a29cf25603892c2bace8bbe3bf062834"></a>spring-web-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: Web<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-web\2.5.6.SEC01\6a5711a5a29cf25603892c2bace8bbe3bf062834\spring-web-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;042b8195b45e7a61c017e8304b3c6dd1<br/>
                            <b>SHA1:</b>&nbsp;6a5711a5a29cf25603892c2bace8bbe3bf062834
                                                                                </p>
                                                <h4 id="header896" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content896" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-web</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-web-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>web</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring Web</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.web</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-web</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: Web</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: Web</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header897" class="subsectionheader white">Identifiers</h4>
                                                <div id="content897" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-web/2.5.6.SEC01/spring-web-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-web:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header898" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content898" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs349', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs349"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs349">...</li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs349 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs350', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs350"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs350">...</li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs350 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs351', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs351"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs351">...</li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs351 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs352', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs352"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs352">...</li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs352 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs353', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs353"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs353">...</li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs353 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-web-2.5.6.SEC01.jar', '6a5711a5a29cf25603892c2bace8bbe3bf062834', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs354', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs354"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs354">...</li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs354 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l409_73a9cef54005fe7c23947f13300eb0e0bf0f265a"></a>spring-webflow-1.0.6.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Spring Web Flow<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-webflow\1.0.6\73a9cef54005fe7c23947f13300eb0e0bf0f265a\spring-webflow-1.0.6.jar<br/>
                            <b>MD5:</b>&nbsp;29723d7337b93020528ced714cf7a364<br/>
                            <b>SHA1:</b>&nbsp;73a9cef54005fe7c23947f13300eb0e0bf0f265a
                                                                                </p>
                                                <h4 id="header899" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content899" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-webflow</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.6</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-webflow-1.0.6</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.6</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>webflow</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Web Flow</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>springframework.org</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0.6</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-webflow</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Web Flow</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Web Flow</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.6</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                            <h4 id="header900" class="subsectionheader white">Identifiers</h4>
                                                <div id="content900" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:1.0.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-webflow-1.0.6.jar', '73a9cef54005fe7c23947f13300eb0e0bf0f265a', 'cpe', 'cpe:/a:pivotal:spring_framework:1.0.6')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:1.0.6
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-webflow-1.0.6.jar', '73a9cef54005fe7c23947f13300eb0e0bf0f265a', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:1.0.6')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-webflow/1.0.6/spring-webflow-1.0.6.jar" target="_blank">org.springframework:spring-webflow:1.0.6</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l410_1a48edcf8dcfc76882c821931eb0529db9af5d9b"></a>spring-webmvc-2.5.6.SEC01.jar</h3>
                    <div class="subsectioncontent">
                                                    <p><b>Description:</b>&nbsp;Spring Framework: Web MVC<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.springframework\spring-webmvc\2.5.6.SEC01\1a48edcf8dcfc76882c821931eb0529db9af5d9b\spring-webmvc-2.5.6.SEC01.jar<br/>
                            <b>MD5:</b>&nbsp;843c40ce4f66dc53e6fa635aff914933<br/>
                            <b>SHA1:</b>&nbsp;1a48edcf8dcfc76882c821931eb0529db9af5d9b
                                                                                </p>
                                                <h4 id="header901" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content901" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>spring-webmvc</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.springframework</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>spring-webmvc-2.5.6.SEC01</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.5.6.sec01</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource spring framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>pivotal</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>SpringSource</td></tr>
                                                                    <tr><td>hint analyzer</td><td>vendor</td><td>vmware</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>servlet</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>springframework</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>web</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>Spring Web Servlet</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.springframework.web.servlet</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>Spring Framework</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>Manifest</td><td>spring-version</td><td>2.5.6.SEC01</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>spring-webmvc</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Spring Framework: Web MVC</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>springframework</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Spring Framework: Web MVC</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.springframework.org/
	</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.springframework.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.5.6.SEC01</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                                                                                                                                                            <h4 id="header902" class="subsectionheader white">Identifiers</h4>
                                                <div id="content902" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:pivotal:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cpe', 'cpe:/a:pivotal:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:springsource:spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cpe', 'cpe:/a:springsource:spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                <li><b>cpe:</b>&nbsp;cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:LOW
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cpe', 'cpe:/a:vmware:springsource_spring_framework:2.5.6.sec01')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/springframework/spring-webmvc/2.5.6.SEC01/spring-webmvc-2.5.6.SEC01.jar" target="_blank">org.springframework:spring-webmvc:2.5.6.SEC01</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header903" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content903" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1904">CVE-2014-1904</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cve', 'CVE-2014-1904')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
                                                            <br/>CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
                            </p>
                            <p>Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66137">66137</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/531422/100/0/threaded">20140311 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt">http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2014-1904">http://www.gopivotal.com/security/cve-2014-1904</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485">https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11426">https://jira.springsource.org/browse/SPR-11426</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2014/Mar/101">20140312 CVE-2014-1904 XSS when using Spring MVC</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs355', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs355"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                    <li class="vs355">...</li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs355 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a>  and all previous versions</li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0054">CVE-2014-0054</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cve', 'CVE-2014-0054')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-352
                            </p>
                            <p>The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66148">66148</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.spring.io/browse/SPR-11376">https://jira.spring.io/browse/SPR-11376</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs356', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs356"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                    <li class="vs356">...</li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.5">cpe:/a:springsource:spring_framework:3.2.5</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.6">cpe:/a:springsource:spring_framework:3.2.6</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.7">cpe:/a:springsource:spring_framework:3.2.7</a>  and all previous versions</li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                    <li class="vs356 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.1">cpe:/a:springsource:spring_framework:4.0.1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7315">CVE-2013-7315</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cve', 'CVE-2013-7315')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152.  NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/77998">77998</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs357', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs357"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs357">...</li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs357 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6429">CVE-2013-6429</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cve', 'CVE-2013-6429')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/64947">64947</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/530770/100/0/threaded">20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-6429">http://www.gopivotal.com/security/cve-2013-6429</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel">https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs358', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs358"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                    <li class="vs358">...</li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A1.1.0">cpe:/a:springsource:spring_framework:1.1.0</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0">cpe:/a:springsource:spring_framework:2.0</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am1">cpe:/a:springsource:spring_framework:2.0:m1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am2">cpe:/a:springsource:spring_framework:2.0:m2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am3">cpe:/a:springsource:spring_framework:2.0:m3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am4">cpe:/a:springsource:spring_framework:2.0:m4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Am5">cpe:/a:springsource:spring_framework:2.0:m5</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc1">cpe:/a:springsource:spring_framework:2.0:rc1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc2">cpe:/a:springsource:spring_framework:2.0:rc2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc3">cpe:/a:springsource:spring_framework:2.0:rc3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0%3Arc4">cpe:/a:springsource:spring_framework:2.0:rc4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.1">cpe:/a:springsource:spring_framework:2.0.1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.2">cpe:/a:springsource:spring_framework:2.0.2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.3">cpe:/a:springsource:spring_framework:2.0.3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.4">cpe:/a:springsource:spring_framework:2.0.4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.0.5">cpe:/a:springsource:spring_framework:2.0.5</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am1">cpe:/a:springsource:spring_framework:2.1:m1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am2">cpe:/a:springsource:spring_framework:2.1:m2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am3">cpe:/a:springsource:spring_framework:2.1:m3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.1%3Am4">cpe:/a:springsource:spring_framework:2.1:m4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.4">cpe:/a:springsource:spring_framework:3.2.4</a>  and all previous versions</li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am2">cpe:/a:springsource:spring_framework:4.0.0:m2</a> </li>
                                                                    <li class="vs358 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Arc1">cpe:/a:springsource:spring_framework:4.0.0:rc1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4152">CVE-2013-4152</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cve', 'CVE-2013-4152')">suppress</button></p>
                            <p>Severity:
                                                            Medium
                                                        <br/>CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/61951">61951</a></li>
                                                                            <li>BUGTRAQ - <a target="_blank" href="http://seclists.org/bugtraq/2013/Aug/154">20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.gopivotal.com/security/cve-2013-4152">http://www.gopivotal.com/security/cve-2013-4152</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://github.com/spring-projects/spring-framework/pull/317/files">https://github.com/spring-projects/spring-framework/pull/317/files</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://jira.springsource.org/browse/SPR-10806">https://jira.springsource.org/browse/SPR-10806</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2014/dsa-2842">DSA-2842</a></li>
                                                                            <li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2013/Nov/14">20131102 XXE Injection in Spring Framework</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0212.html">RHSA-2014:0212</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0245.html">RHSA-2014:0245</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0254.html">RHSA-2014:0254</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-0400.html">RHSA-2014:0400</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs359', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs359"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                    <li class="vs359">...</li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am1">cpe:/a:springsource:spring_framework:3.0.0:m1</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am2">cpe:/a:springsource:spring_framework:3.0.0:m2</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am3">cpe:/a:springsource:spring_framework:3.0.0:m3</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Am4">cpe:/a:springsource:spring_framework:3.0.0:m4</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc1">cpe:/a:springsource:spring_framework:3.0.0:rc1</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc2">cpe:/a:springsource:spring_framework:3.0.0:rc2</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0%3Arc3">cpe:/a:springsource:spring_framework:3.0.0:rc3</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m1">cpe:/a:springsource:spring_framework:3.0.0.m1</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0.m2">cpe:/a:springsource:spring_framework:3.0.0.m2</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.6">cpe:/a:springsource:spring_framework:3.0.6</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.7">cpe:/a:springsource:spring_framework:3.0.7</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.0">cpe:/a:springsource:spring_framework:3.1.0</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.1">cpe:/a:springsource:spring_framework:3.1.1</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.2">cpe:/a:springsource:spring_framework:3.1.2</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.3">cpe:/a:springsource:spring_framework:3.1.3</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.1.4">cpe:/a:springsource:spring_framework:3.1.4</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.0">cpe:/a:springsource:spring_framework:3.2.0</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.1">cpe:/a:springsource:spring_framework:3.2.1</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.2">cpe:/a:springsource:spring_framework:3.2.2</a> </li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.2.3">cpe:/a:springsource:spring_framework:3.2.3</a>  and all previous versions</li>
                                                                    <li class="vs359 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A4.0.0%3Am1">cpe:/a:springsource:spring_framework:4.0.0:m1</a> </li>
                                                                </ul></p>
                                                                                <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2730">CVE-2011-2730</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('spring-webmvc-2.5.6.SEC01.jar', '1a48edcf8dcfc76882c821931eb0529db9af5d9b', 'cve', 'CVE-2011-2730')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-16 Configuration
                            </p>
                            <p>VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka &quot;Expression Language Injection.&quot;
                                                                    <ul>
                                                                            <li>CONFIRM - <a target="_blank" href="http://support.springsource.com/security/cve-2011-2730">http://support.springsource.com/security/cve-2011-2730</a></li>
                                                                            <li>DEBIAN - <a target="_blank" href="http://www.debian.org/security/2012/dsa-2504">DSA-2504</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814</a></li>
                                                                            <li>MISC - <a target="_blank" href="https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit">https://docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0191.html">RHSA-2013:0191</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0192.html">RHSA-2013:0192</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0193.html">RHSA-2013:0193</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0194.html">RHSA-2013:0194</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0195.html">RHSA-2013:0195</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0196.html">RHSA-2013:0196</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0197.html">RHSA-2013:0197</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0198.html">RHSA-2013:0198</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0221.html">RHSA-2013:0221</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2013-0533.html">RHSA-2013:0533</a></li>
                                                                            <li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1029151">1029151</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs360', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs360"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                    <li class="vs360">...</li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0">cpe:/a:springsource:spring_framework:2.5.0</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc1">cpe:/a:springsource:spring_framework:2.5.0:rc1</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.0%3Arc2">cpe:/a:springsource:spring_framework:2.5.0:rc2</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.1">cpe:/a:springsource:spring_framework:2.5.1</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.2">cpe:/a:springsource:spring_framework:2.5.2</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.3">cpe:/a:springsource:spring_framework:2.5.3</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.4">cpe:/a:springsource:spring_framework:2.5.4</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.5">cpe:/a:springsource:spring_framework:2.5.5</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.6">cpe:/a:springsource:spring_framework:2.5.6</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7">cpe:/a:springsource:spring_framework:2.5.7</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A2.5.7_sr01">cpe:/a:springsource:spring_framework:2.5.7_sr01</a>  and all previous versions</li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.0">cpe:/a:springsource:spring_framework:3.0.0</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.1">cpe:/a:springsource:spring_framework:3.0.1</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.2">cpe:/a:springsource:spring_framework:3.0.2</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.3">cpe:/a:springsource:spring_framework:3.0.3</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.4">cpe:/a:springsource:spring_framework:3.0.4</a> </li>
                                                                    <li class="vs360 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aspringsource%3Aspring_framework%3A3.0.5">cpe:/a:springsource:spring_framework:3.0.5</a>  and all previous versions</li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l411_9c64274b7dbb65288237216e3fae7877fd3f2bee"></a>xz-1.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;XZ data compression<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Public Domain</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.tukaani\xz\1.5\9c64274b7dbb65288237216e3fae7877fd3f2bee\xz-1.5.jar<br/>
                            <b>MD5:</b>&nbsp;51050e595b308c4aec8ac314f66e18bc<br/>
                            <b>SHA1:</b>&nbsp;9c64274b7dbb65288237216e3fae7877fd3f2bee
                                                                                </p>
                                                <h4 id="header904" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content904" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xz</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.tukaani</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xz-1.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>tukaani</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xz</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-docurl</td><td>http://tukaani.org/xz/java.html</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>XZ data compression</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>org.tukaani.xz</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.5</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>XZ data compression</td></tr>
                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>http://tukaani.org/xz/java.html</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.5</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xz</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>XZ data compression</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>tukaani</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XZ for Java</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://tukaani.org/xz/java.html</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header905" class="subsectionheader white">Identifiers</h4>
                                                <div id="content905" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=org/tukaani/xz/1.5/xz-1.5.jar" target="_blank">org.tukaani:xz:1.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l412_588266ff57165736149bc38e07f2875a4fe5969c"></a>jackson-databind-java-optional-2.4.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Jackson Databind module for serializing and deserializing Java 8 java.util.Option objects.
        This tool is forked from original source created by @realjenius <br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Apache License, Version 2.0: license.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\org.zapodot\jackson-databind-java-optional\2.4.2\588266ff57165736149bc38e07f2875a4fe5969c\jackson-databind-java-optional-2.4.2.jar<br/>
                            <b>MD5:</b>&nbsp;a71dc1727243e81663f447c146f718cb<br/>
                            <b>SHA1:</b>&nbsp;588266ff57165736149bc38e07f2875a4fe5969c
                                                                                </p>
                                                <h4 id="header906" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content906" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>jackson-databind-java-optional</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>org.zapodot</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.4.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>jackson-databind-java-optional-2.4.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.4.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jackson</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>java8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>zapodot</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>jackson-databind-java-optional</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Jackson Databind module for serializing and deserializing Java 8 java.util.Option objects. This tool is forked from original source created by @realjenius </td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>zapodot</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.4.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header907" class="subsectionheader white">Identifiers</h4>
                                                <div id="content907" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/#search|ga|1|1%3A%22588266ff57165736149bc38e07f2875a4fe5969c%22" target="_blank">org.zapodot:jackson-databind-java-optional:2.4.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l413_5592374f834645c4ae250f4c9fbb314c9369d698"></a>oro-2.0.8.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\oro\oro\2.0.8\5592374f834645c4ae250f4c9fbb314c9369d698\oro-2.0.8.jar<br/>
                            <b>MD5:</b>&nbsp;42e940d5d2d822f4dc04c65053e630ab<br/>
                            <b>SHA1:</b>&nbsp;5592374f834645c4ae250f4c9fbb314c9369d698
                                                                                </p>
                                                <h4 id="header908" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content908" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>oro</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>oro</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.8</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>oro-2.0.8</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.8</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>oro</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>text</td></tr>
                                                                    <tr><td>manifest: org/apache/oro</td><td>Implementation-Title</td><td>org.apache.oro</td></tr>
                                                                    <tr><td>manifest: org/apache/oro</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/oro</td><td>Implementation-Version</td><td>2.0.8 2003-12-28 11:00:13</td></tr>
                                                                    <tr><td>manifest: org/apache/oro</td><td>Specification-Title</td><td>Jakarta ORO</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>oro</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>oro</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.0.8</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header909" class="subsectionheader white">Identifiers</h4>
                                                <div id="content909" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=oro/oro/2.0.8/oro-2.0.8.jar" target="_blank">oro:oro:2.0.8</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l414_973df2b78b67bcd3144c3dbbb88da691065a3f8d"></a>regexp-1.3.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\regexp\regexp\1.3\973df2b78b67bcd3144c3dbbb88da691065a3f8d\regexp-1.3.jar<br/>
                            <b>MD5:</b>&nbsp;6dcdc325850e40b843cac2a25fb2121e<br/>
                            <b>SHA1:</b>&nbsp;973df2b78b67bcd3144c3dbbb88da691065a3f8d
                                                                                </p>
                                                <h4 id="header910" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content910" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>regexp</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>regexp</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>regexp-1.3</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>regexp</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>regexp</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>regexp</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header911" class="subsectionheader white">Identifiers</h4>
                                                <div id="content911" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=regexp/regexp/1.3/regexp-1.3.jar" target="_blank">regexp:regexp:1.3</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l415_49c100caf72d658aca8e58bd74a4ba90fa2b0d70"></a>stax-api-1.0.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;StAX API is the standard java XML processing API defined by JSR-173<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\stax\stax-api\1.0.1\49c100caf72d658aca8e58bd74a4ba90fa2b0d70\stax-api-1.0.1.jar<br/>
                            <b>MD5:</b>&nbsp;7d436a53c64490bee564c576babb36b4<br/>
                            <b>SHA1:</b>&nbsp;49c100caf72d658aca8e58bd74a4ba90fa2b0d70
                                                                                </p>
                                                <h4 id="header912" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content912" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>stax-api</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>stax</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>stax-api-1.0.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.0.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>javax</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>stream</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xml</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>StAX 1.0 API</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>JCP</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.0.1</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>StAX</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>JCP-173</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>stax-api</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>StAX API is the standard java XML processing API defined by JSR-173</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>stax</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>StAX API</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://stax.codehaus.org/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header913" class="subsectionheader white">Identifiers</h4>
                                                <div id="content913" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=stax/stax-api/1.0.1/stax-api-1.0.1.jar" target="_blank">stax:stax-api:1.0.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l416_dec1669fb6801b7328e01ad72fc9e10b69ea06c1"></a>wsdl4j-1.6.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Java stub generator for WSDL<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">CPL: http://www.opensource.org/licenses/cpl1.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\wsdl4j\wsdl4j\1.6.2\dec1669fb6801b7328e01ad72fc9e10b69ea06c1\wsdl4j-1.6.2.jar<br/>
                            <b>MD5:</b>&nbsp;2608a8ea3f07b0c08de8a7d3d0d3fc09<br/>
                            <b>SHA1:</b>&nbsp;dec1669fb6801b7328e01ad72fc9e10b69ea06c1
                                                                                </p>
                                                <h4 id="header914" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content914" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>wsdl4j</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>wsdl4j</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.6.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>wsdl4j-1.6.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.6.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>extensions</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>ibm</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>wsdl</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>WSDL4J</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>IBM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.6</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>JWSDL</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>IBM (Java Community Process)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>wsdl4j</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Java stub generator for WSDL</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>wsdl4j</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>WSDL4J</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://sf.net/projects/wsdl4j</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.6.2</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header915" class="subsectionheader white">Identifiers</h4>
                                                <div id="content915" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=wsdl4j/wsdl4j/1.6.2/wsdl4j-1.6.2.jar" target="_blank">wsdl4j:wsdl4j:1.6.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection"><a name="l417_a33c0097f1c70b20fa7ded220ea317eb3500515e"></a>xalan-2.7.0.jar</h3>
                    <div class="subsectioncontent">
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xalan\xalan\2.7.0\a33c0097f1c70b20fa7ded220ea317eb3500515e\xalan-2.7.0.jar<br/>
                            <b>MD5:</b>&nbsp;a018d032c21a873225e702b36b171a10<br/>
                            <b>SHA1:</b>&nbsp;a33c0097f1c70b20fa7ded220ea317eb3500515e
                                                                                </p>
                                                <h4 id="header916" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content916" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xalan</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xalan</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.7.0</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xalan-2.7.0</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.7.0</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xalan</td></tr>
                                                                    <tr><td>manifest: java_cup/runtime/</td><td>Implementation-Title</td><td>runtime</td></tr>
                                                                    <tr><td>manifest: java_cup/runtime/</td><td>Implementation-Vendor</td><td>Princeton University</td></tr>
                                                                    <tr><td>manifest: java_cup/runtime/</td><td>Implementation-Version</td><td>2.7.0</td></tr>
                                                                    <tr><td>manifest: java_cup/runtime/</td><td>Specification-Title</td><td>Runtime component of JCup</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/</td><td>Implementation-Title</td><td>org.apache.xalan</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/</td><td>Implementation-Version</td><td>2.7.0</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/xsltc/</td><td>Implementation-Title</td><td>org.apache.xalan.xsltc</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/xsltc/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/xsltc/</td><td>Implementation-Version</td><td>2.7.0</td></tr>
                                                                    <tr><td>manifest: org/apache/xalan/xsltc/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: org/apache/xml/</td><td>Implementation-Title</td><td>org.apache.xml</td></tr>
                                                                    <tr><td>manifest: org/apache/xml/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xml/</td><td>Implementation-Version</td><td>2.7.0</td></tr>
                                                                    <tr><td>manifest: org/apache/xpath/</td><td>Implementation-Title</td><td>org.apache.xpath</td></tr>
                                                                    <tr><td>manifest: org/apache/xpath/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xpath/</td><td>Implementation-Version</td><td>2.7.0</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xalan</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xalan</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.7.0</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                            <h4 id="header917" class="subsectionheader white">Identifiers</h4>
                                                <div id="content917" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>cpe:</b>&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&amp;cves=on&amp;cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.7.0" target="_blank">cpe:/a:apache:xalan-java:2.7.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                        &nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('xalan-2.7.0.jar', 'a33c0097f1c70b20fa7ded220ea317eb3500515e', 'cpe', 'cpe:/a:apache:xalan-java:2.7.0')">suppress</button>
                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xalan/xalan/2.7.0/xalan-2.7.0.jar" target="_blank">xalan:xalan:2.7.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                        <h4 id="header918" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
                    <div id="content918" class="subsectioncontent standardsubsection">
                                                    <p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0107">CVE-2014-0107</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('xalan-2.7.0.jar', 'a33c0097f1c70b20fa7ded220ea317eb3500515e', 'cve', 'CVE-2014-0107')">suppress</button></p>
                            <p>Severity:
                                                            High
                                                        <br/>CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
                                                            <br/>CWE: CWE-264 Permissions, Privileges, and Access Controls
                            </p>
                            <p>The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
                                                                    <ul>
                                                                            <li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/66397">66397</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc?view=revision&amp;revision=1581058">http://svn.apache.org/viewvc?view=revision&revision=1581058</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21674334">http://www-01.ibm.com/support/docview.wss?uid=swg21674334</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21676093">http://www-01.ibm.com/support/docview.wss?uid=swg21676093</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21677145">http://www-01.ibm.com/support/docview.wss?uid=swg21677145</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21680703">http://www-01.ibm.com/support/docview.wss?uid=swg21680703</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21681933">http://www-01.ibm.com/support/docview.wss?uid=swg21681933</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.ibm.com/support/docview.wss?uid=swg21677967">http://www.ibm.com/support/docview.wss?uid=swg21677967</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html">http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755</a></li>
                                                                            <li>CONFIRM - <a target="_blank" href="https://issues.apache.org/jira/browse/XALANJ-2435">https://issues.apache.org/jira/browse/XALANJ-2435</a></li>
                                                                            <li>GENTOO - <a target="_blank" href="https://security.gentoo.org/glsa/201604-02">GLSA-201604-02</a></li>
                                                                            <li>MISC - <a target="_blank" href="http://www.ocert.org/advisories/ocert-2014-002.html">http://www.ocert.org/advisories/ocert-2014-002.html</a></li>
                                                                            <li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2014-1351.html">RHSA-2014:1351</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59151">59151</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59247">59247</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59290">59290</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59291">59291</a></li>
                                                                            <li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/59515">59515</a></li>
                                                                            <li>XF - <a target="_blank" href="http://xforce.iss.net/xforce/xfdb/92023">apache-xalanjava-cve20140107-sec-bypass(92023)</a></li>
                                                                        </ul>
                                                            </p>

                                                            <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" onclick="return toggleDisplay(this,'.vs361', 'show all', 'show less');">show all</a>)<ul>
                                    <li class="vs361"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.7.0">cpe:/a:apache:xalan-java:2.7.0</a> </li>
                                    <li class="vs361">...</li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A1.0.0">cpe:/a:apache:xalan-java:1.0.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.0.0">cpe:/a:apache:xalan-java:2.0.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.0.1">cpe:/a:apache:xalan-java:2.0.1</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.1.0">cpe:/a:apache:xalan-java:2.1.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.2.0">cpe:/a:apache:xalan-java:2.2.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.4.0">cpe:/a:apache:xalan-java:2.4.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.4.1">cpe:/a:apache:xalan-java:2.4.1</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.5.0">cpe:/a:apache:xalan-java:2.5.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.5.1">cpe:/a:apache:xalan-java:2.5.1</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.5.2">cpe:/a:apache:xalan-java:2.5.2</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.6.0">cpe:/a:apache:xalan-java:2.6.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.7.0">cpe:/a:apache:xalan-java:2.7.0</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Axalan-java%3A2.7.1">cpe:/a:apache:xalan-java:2.7.1</a>  and all previous versions</li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Awebcenter_sites%3A7.6.2">cpe:/a:oracle:webcenter_sites:7.6.2</a> </li>
                                                                    <li class="vs361 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aoracle%3Awebcenter_sites%3A11.1.1.8.0">cpe:/a:oracle:webcenter_sites:11.1.1.8.0</a> </li>
                                                                </ul></p>
                                                                        </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l418_25101e37ec0c907db6f0612cbf106ee519c1aef1"></a>xercesImpl-2.8.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;Xerces2 is the next generation of high performance, fully
		compliant XML parsers in the Apache Xerces family. This new
		version of Xerces introduces the Xerces Native Interface (XNI),
		a complete framework for building parser components and
		configurations that is extremely modular and easy to program.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xerces\xercesImpl\2.8.1\25101e37ec0c907db6f0612cbf106ee519c1aef1\xercesImpl-2.8.1.jar<br/>
                            <b>MD5:</b>&nbsp;e86f321c8191b37bd720ff5679f57288<br/>
                            <b>SHA1:</b>&nbsp;25101e37ec0c907db6f0612cbf106ee519c1aef1
                                                                                </p>
                                                <h4 id="header919" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content919" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xercesImpl</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xerces</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.8.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xercesImpl-2.8.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.8.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>apache</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xerces</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Implementation-Title</td><td>javax.xml.datatype</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Implementation-Version</td><td>1.3.03</td></tr>
                                                                    <tr><td>manifest: javax/xml/datatype/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Title</td><td>javax.xml.parsers</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Version</td><td>1.3.03</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Title</td><td>javax.xml.transform</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Version</td><td>1.3.03</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Implementation-Title</td><td>javax.xml.validation</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Implementation-Version</td><td>1.3.03</td></tr>
                                                                    <tr><td>manifest: javax/xml/validation/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Implementation-Title</td><td>javax.xml.xpath</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Implementation-Version</td><td>1.3.03</td></tr>
                                                                    <tr><td>manifest: javax/xml/xpath/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/impl/Version.class</td><td>Implementation-Title</td><td>org.apache.xerces.impl.Version</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/impl/Version.class</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/impl/Version.class</td><td>Implementation-Version</td><td>2.8.1</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Implementation-Title</td><td>org.apache.xerces.xni</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Implementation-Version</td><td>1.2</td></tr>
                                                                    <tr><td>manifest: org/apache/xerces/xni/</td><td>Specification-Title</td><td>Xerces Native Interface</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Title</td><td>org.w3c.dom</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Specification-Title</td><td>Document Object Model, Level 3 Core</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Implementation-Title</td><td>org.w3c.dom.ls</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/ls/</td><td>Specification-Title</td><td>Document Object Model, Level 3 Load and Save</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Title</td><td>org.xml.sax</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Vendor</td><td>David Megginson</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Version</td><td>2.0.2</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Specification-Title</td><td>Simple API for XML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xercesImpl</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xerces</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>Xerces2 Java Parser</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>2.8.1</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xerces.apache.org/xerces2-j/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>2.8.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header920" class="subsectionheader white">Identifiers</h4>
                                                <div id="content920" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xerces/xercesImpl/2.8.1/xercesImpl-2.8.1.jar" target="_blank">xerces:xercesImpl:2.8.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l419_41a8b86b358e87f3f13cf46069721719105aff66"></a>xml-apis-ext-1.3.04.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;xml-commons provides an Apache-hosted set of DOM, SAX, and
    JAXP interfaces for use in other xml-based projects. Our hope is that we
    can standardize on both a common version and packaging scheme for these
    critical XML standards interfaces to make the lives of both our developers
    and users easier. The External Components portion of xml-commons contains
    interfaces that are defined by external standards organizations. For DOM,
    that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for
    JAXP it's Sun.<br/></p>
                                                <p>
                                                    <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xml-apis\xml-apis-ext\1.3.04\41a8b86b358e87f3f13cf46069721719105aff66\xml-apis-ext-1.3.04.jar<br/>
                            <b>MD5:</b>&nbsp;bcb07d3b8d2397db7a3013b6465d347b<br/>
                            <b>SHA1:</b>&nbsp;41a8b86b358e87f3f13cf46069721719105aff66
                                                                                </p>
                                                <h4 id="header921" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content921" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xml-apis-ext</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xml-apis</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.3.04</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xml-apis-ext-1.3.04</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.3.04</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>svg</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>manifest: org/w3c/css/sac/</td><td>Implementation-Title</td><td>org.w3c.css.sac</td></tr>
                                                                    <tr><td>manifest: org/w3c/css/sac/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/css/sac/</td><td>Implementation-Version</td><td>1.3</td></tr>
                                                                    <tr><td>manifest: org/w3c/css/sac/</td><td>Specification-Title</td><td>Simple API for CSS</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/smil/</td><td>Implementation-Title</td><td>org.w3c.dom.smil</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/smil/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/smil/</td><td>Specification-Title</td><td>Document Object Model (DOM) for Synchronized Multimedia Integration Language (SMIL)</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/svg/</td><td>Implementation-Title</td><td>org.w3c.dom.svg</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/svg/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/svg/</td><td>Implementation-Version</td><td>1.1</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/svg/</td><td>Specification-Title</td><td>Document Object Model (DOM) for Scalable Vector Graphics (SVG)</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xml-apis-ext</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>xml-commons provides an Apache-hosted set of DOM, SAX, and JAXP interfaces for use in other xml-based projects. Our hope is that we can standardize on both a common version and packaging scheme for these critical XML standards interfaces to make the lives of both our developers and users easier. The External Components portion of xml-commons contains interfaces that are defined by external standards organizations. For DOM, that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for JAXP it's Sun.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xml-apis</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XML Commons External Components XML APIs Extensions</td></tr>
                                                                    <tr><td>pom</td><td>parent-artifactid</td><td>apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-groupid</td><td>org.apache</td></tr>
                                                                    <tr><td>pom</td><td>parent-version</td><td>1.3.04</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xml.apache.org/commons/components/external/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.3.04</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header922" class="subsectionheader white">Identifiers</h4>
                                                <div id="content922" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xml-apis/xml-apis-ext/1.3.04/xml-apis-ext-1.3.04.jar" target="_blank">xml-apis:xml-apis-ext:1.3.04</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l420_3136ca936f64c9d68529f048c2618bd356bf85c9"></a>xml-apis-2.0.2.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;xml-commons provides an Apache-hosted set of DOM, SAX, and
    JAXP interfaces for use in other xml-based projects. Our hope is that we
    can standardize on both a common version and packaging scheme for these
    critical XML standards interfaces to make the lives of both our developers
    and users easier. The External Components portion of xml-commons contains
    interfaces that are defined by external standards organizations. For DOM,
    that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for
    JAXP it's Sun.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xml-apis\xml-apis\2.0.2\3136ca936f64c9d68529f048c2618bd356bf85c9\xml-apis-2.0.2.jar<br/>
                            <b>MD5:</b>&nbsp;458715c0f7646a56b1c6ad3138098beb<br/>
                            <b>SHA1:</b>&nbsp;3136ca936f64c9d68529f048c2618bd356bf85c9
                                                                                </p>
                                                <h4 id="header923" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content923" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xml-apis</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xml-apis</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.0.b2</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.0</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>2.0.2</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xml-apis-2.0.2</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>2.0.2</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>dom</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>w3c</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Title</td><td>javax.xml.transform</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Vendor</td><td>Sun Microsystems Inc.</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Implementation-Version</td><td>1.1.2</td></tr>
                                                                    <tr><td>manifest: javax/xml/parsers/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Title</td><td>javax.xml.transform</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Vendor</td><td>Sun Microsystems Inc.</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Implementation-Version</td><td>1.1.2</td></tr>
                                                                    <tr><td>manifest: javax/xml/transform/</td><td>Specification-Title</td><td>Java API for XML Processing</td></tr>
                                                                    <tr><td>manifest: org/apache/xmlcommons/Version</td><td>Implementation-Title</td><td>org.apache.xmlcommons.Version</td></tr>
                                                                    <tr><td>manifest: org/apache/xmlcommons/Version</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td></tr>
                                                                    <tr><td>manifest: org/apache/xmlcommons/Version</td><td>Implementation-Version</td><td>1.0.b2</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Title</td><td>org.w3c.dom</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Vendor</td><td>World Wide Web Consortium</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Implementation-Version</td><td>1.0</td></tr>
                                                                    <tr><td>manifest: org/w3c/dom/</td><td>Specification-Title</td><td>Document Object Model, Level 2 Core</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Title</td><td>org.xml.sax</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Vendor</td><td>David Megginson</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Implementation-Version</td><td>2.0</td></tr>
                                                                    <tr><td>manifest: org/xml/sax/</td><td>Specification-Title</td><td>Simple API for XML</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xml-apis</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>xml-commons provides an Apache-hosted set of DOM, SAX, and JAXP interfaces for use in other xml-based projects. Our hope is that we can standardize on both a common version and packaging scheme for these critical XML standards interfaces to make the lives of both our developers and users easier. The External Components portion of xml-commons contains interfaces that are defined by external standards organizations. For DOM, that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for JAXP it's Sun.</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xml-apis</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XML Commons External Components XML APIs</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.apache.org/
  </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xml.apache.org/commons/#external</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.0.b2</td></tr>
                                                            </table>
                        </div>
                                                                                                                                                                                                                                    <h4 id="header924" class="subsectionheader white">Identifiers</h4>
                                                <div id="content924" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xml-apis/xml-apis/1.0.b2/xml-apis-1.0.b2.jar" target="_blank">xml-apis:xml-apis:1.0.b2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xml-apis/xml-apis/2.0.0/xml-apis-2.0.0.jar" target="_blank">xml-apis:xml-apis:2.0.0</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xml-apis/xml-apis/2.0.2/xml-apis-2.0.2.jar" target="_blank">xml-apis:xml-apis:2.0.2</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l421_2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa"></a>xmlpull-1.1.3.1.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                <p>
                                                                                <b>License:</b><pre class="indent">Public Domain: http://www.xmlpull.org/v1/download/unpacked/LICENSE.txt</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xmlpull\xmlpull\1.1.3.1\2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa\xmlpull-1.1.3.1.jar<br/>
                            <b>MD5:</b>&nbsp;cc57dacc720eca721a50e78934b822d2<br/>
                            <b>SHA1:</b>&nbsp;2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa
                                                                                </p>
                                                <h4 id="header925" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content925" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xmlpull</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xmlpull</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.3.1</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xmlpull-1.1.3.1</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.3.1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>v1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xmlpull</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xmlpull</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xmlpull</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XML Pull Parsing API</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.xmlpull.org</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.3.1</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header926" class="subsectionheader white">Identifiers</h4>
                                                <div id="content926" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar" target="_blank">xmlpull:xmlpull:1.1.3.1</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l422_4166493b9f04e91b858ba4150b28b4d197f8f8ea"></a>xom-1.2.5.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;The XOM Dual Streaming/Tree API for Processing XML<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">The GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/lgpl-2.1.html</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xom\xom\1.2.5\4166493b9f04e91b858ba4150b28b4d197f8f8ea\xom-1.2.5.jar<br/>
                            <b>MD5:</b>&nbsp;91b16b5b53ae0804671a57dbf7623fad<br/>
                            <b>SHA1:</b>&nbsp;4166493b9f04e91b858ba4150b28b4d197f8f8ea
                                                                                </p>
                                                <h4 id="header927" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content927" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xom</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xom</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.2.5</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xom-1.2.5</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.2.5</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>jaxen</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>nu</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Name</td><td>XOM</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.2</td></tr>
                                                                    <tr><td>Manifest</td><td>bundle-symbolicname</td><td>nu.xom</td></tr>
                                                                    <tr><td>Manifest</td><td>Bundle-Version</td><td>1.2.5.osgi</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Title</td><td>XOM</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Vendor</td><td>Elliotte Rusty Harold</td></tr>
                                                                    <tr><td>Manifest</td><td>Implementation-Version</td><td>1.2.5</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-title</td><td>XOM</td></tr>
                                                                    <tr><td>Manifest</td><td>specification-vendor</td><td>Elliotte Rusty Harold</td></tr>
                                                                    <tr><td>manifest: nu/xom/</td><td>Implementation-Title</td><td>nu.xom</td></tr>
                                                                    <tr><td>manifest: nu/xom/</td><td>Implementation-Vendor</td><td>Elliotte Rusty Harold</td></tr>
                                                                    <tr><td>manifest: nu/xom/</td><td>Implementation-Version</td><td>1.2.5</td></tr>
                                                                    <tr><td>manifest: nu/xom/</td><td>Specification-Title</td><td>XOM core classes</td></tr>
                                                                    <tr><td>manifest: nu/xom/canonical/</td><td>Implementation-Title</td><td>nu.xom.canonical</td></tr>
                                                                    <tr><td>manifest: nu/xom/canonical/</td><td>Specification-Title</td><td>XOM Canonical XML support</td></tr>
                                                                    <tr><td>manifest: nu/xom/converters/</td><td>Implementation-Title</td><td>nu.xom.converters</td></tr>
                                                                    <tr><td>manifest: nu/xom/converters/</td><td>Specification-Title</td><td>XOM converters to other object models</td></tr>
                                                                    <tr><td>manifest: nu/xom/jaxen/</td><td>Implementation-Title</td><td>org.jaxen</td></tr>
                                                                    <tr><td>manifest: nu/xom/jaxen/</td><td>Implementation-Vendor</td><td>CodeHaus</td></tr>
                                                                    <tr><td>manifest: nu/xom/jaxen/</td><td>Implementation-Version</td><td>1.1.2</td></tr>
                                                                    <tr><td>manifest: nu/xom/jaxen/</td><td>Specification-Title</td><td>Jaxen XPath engine</td></tr>
                                                                    <tr><td>manifest: nu/xom/xinclude/</td><td>Implementation-Title</td><td>nu.xom.xinclude</td></tr>
                                                                    <tr><td>manifest: nu/xom/xinclude/</td><td>Specification-Title</td><td>XOM XInclude engine</td></tr>
                                                                    <tr><td>manifest: nu/xom/xslt/</td><td>Implementation-Title</td><td>nu.xom.xslt</td></tr>
                                                                    <tr><td>manifest: nu/xom/xslt/</td><td>Specification-Title</td><td>XOM XSLT interface</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xom</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>The XOM Dual Streaming/Tree API for Processing XML</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xom</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>XOM</td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://xom.nu</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.2.5</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header928" class="subsectionheader white">Identifiers</h4>
                                                <div id="content928" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xom/xom/1.2.5/xom-1.2.5.jar" target="_blank">xom:xom:1.2.5</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>
                                    <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l423_19d4e90b43059058f6e056f794f0ea4030d60b86"></a>xpp3_min-1.1.4c.jar</h3>
                    <div class="subsectioncontent notvulnerable">
                                                    <p><b>Description:</b>&nbsp;MXP1 is a stable XmlPull parsing engine that is based on ideas from XPP and in particular XPP2 but completely revised and rewritten to take the best advantage of latest JIT JVMs such as Hotspot in JDK 1.4+.<br/></p>
                                                <p>
                                                                                <b>License:</b><pre class="indent">Indiana University Extreme! Lab Software License, vesion 1.1.1: http://www.extreme.indiana.edu/viewcvs/~checkout~/XPP3/java/LICENSE.txt
Public Domain: http://creativecommons.org/licenses/publicdomain</pre>
                                                                                <b>File&nbsp;Path:</b>&nbsp;Z:\Gradle\caches\modules-2\files-2.1\xpp3\xpp3_min\1.1.4c\19d4e90b43059058f6e056f794f0ea4030d60b86\xpp3_min-1.1.4c.jar<br/>
                            <b>MD5:</b>&nbsp;dcd95bcb84b09897b2b66d4684c040da<br/>
                            <b>SHA1:</b>&nbsp;19d4e90b43059058f6e056f794f0ea4030d60b86
                                                                                </p>
                                                <h4 id="header929" class="subsectionheader expandable expandablesubsection white">Evidence</h4>
                        <div id="content929" class="subsectioncontent standardsubsection hidden">
                            <table class="lined fullwidth" border="0">
                                <tr><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:70%;">Value</th></tr>
                                                                    <tr><td>central</td><td>artifactid</td><td>xpp3_min</td></tr>
                                                                    <tr><td>central</td><td>groupid</td><td>xpp3</td></tr>
                                                                    <tr><td>central</td><td>version</td><td>1.1.4c</td></tr>
                                                                    <tr><td>file</td><td>name</td><td>xpp3_min-1.1.4c</td></tr>
                                                                    <tr><td>file</td><td>version</td><td>1.1.4c</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>v1</td></tr>
                                                                    <tr><td>jar</td><td>package name</td><td>xmlpull</td></tr>
                                                                    <tr><td>pom</td><td>artifactid</td><td>xpp3_min</td></tr>
                                                                    <tr><td>pom</td><td>description</td><td>MXP1 is a stable XmlPull parsing engine that is based on ideas from XPP and in particular XPP2 but completely revised and rewritten to take the best advantage of latest JIT JVMs ...</td></tr>
                                                                    <tr><td>pom</td><td>groupid</td><td>xpp3</td></tr>
                                                                    <tr><td>pom</td><td>name</td><td>MXP1: Xml Pull Parser 3rd Edition (XPP3)</td></tr>
                                                                    <tr><td>pom</td><td>organization name</td><td>http://www.extreme.indiana.edu/
    </td></tr>
                                                                    <tr><td>pom</td><td>url</td><td>http://www.extreme.indiana.edu/xgws/xsoap/xpp/mxp1/</td></tr>
                                                                    <tr><td>pom</td><td>version</td><td>1.1.4c</td></tr>
                                                            </table>
                        </div>
                                                                                                                            <h4 id="header930" class="subsectionheader white">Identifiers</h4>
                                                <div id="content930" class="subsectioncontent standardsubsection">
                                                     <ul>
                                                                                                                                    <li><b>maven:</b>&nbsp;<a href="http://search.maven.org/remotecontent?filepath=xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar" target="_blank">xpp3:xpp3_min:1.1.4c</a>
                                                                                                    &nbsp;&nbsp;<i>Confidence</i>:HIGHEST
                                                                                                                                </li>
                                                        </ul>
                                                </div>
                                    </div>



                            </div>
        </div>
        <div><br/><br/>This report contains data retrieved from the <a href="http://nvd.nist.gov">National Vulnerability Database</a>.</div>
    </body>
</html>